Landfall, a new Android spyware found to be targeting Samsung Galaxy phones

By
socialreview.in
On:
Landfall, a new Android spyware found to be targeting Samsung Galaxy phones Top 10 premium smartphones October 2025.webp

Landfall, a spyware that has been energetic for over a 12 months, targets Samsung Galaxy smartphones by exploiting a gap outlined as CVE-2025-21042 within the picture processing of the telephone’s photograph library. This commercial-grade virus can file audio, learn messages, and replica knowledge with out being detected, and it will probably be unfold by way of seemingly legit photographs posted on social networking platforms. Although Samsung mounted this problem earlier this 12 months, the malware stayed operational for greater than a 12 months earlier than the restore, targeting sure Galaxy fashions utilizing focused picture parsing.

The Landfall spyware assault was uncovered by cybersecurity consultants at Unit 42, the menace intelligence part of Palo Alto Networks. The spyware was camouflaged amongst image recordsdata and exploited an unpatched vulnerability to get hold of unauthorised management over the units.

According to the analysis, the vulnerability will not be an remoted incident; moderately, it signifies a repeating sample of comparable safety considerations throughout a number of cell platforms. CVE-2025-21042 was already being exploited earlier than Samsung launched a repair in April 2025 in response to experiences of real-world assaults. However, the exploit’s specifics, in addition to the commercial-grade spyware that accompanied it, have but to be publicly revealed and investigated.

– Advertisement –

LANDFALL used malicious photographs within the DNG format, which have been apparently despatched over WhatsApp. This strategy is comparable to a beforehand reported exploit chain together with vulnerabilities in Apple and WhatsApp that received seen in August 2025, in addition to one other exploit chain linked with the zero-day vulnerability CVE-2025-21043, which was found in September. However, the evaluation didn’t reveal any beforehand unknown vulnerabilities inside WhatsApp. Significantly, the LANDFALL operation started in mid-2024, exploiting the zero-day vulnerability CVE-2025-21042 in Android/Samsung smartphones, which existed for months earlier than the repair was applied. This explicit vulnerability has been patched since April 2025, eradicating any potential hurt to present Samsung customers. Furthermore, in September, Samsung patched one other zero-day vulnerability, CVE-2025-21043, in the identical picture processing library, bettering protections towards focused assaults.

Also Read: OnePlus 15 specs confirmed forward of India launch: Price in India anticipated

What is Landfall?

LANDFALL is a spyware supposed for Samsung Galaxy handsets and utilized in focused penetration within the Middle East. It permits for vital surveillance capabilities, akin to microphone recording, location monitoring, and the gathering of private knowledge akin to photographs, contacts, and name data. The malware makes use of a critical zero-day vulnerability (CVE-2025-21042) in Samsung’s picture processing library to distribute corrupted DNG picture recordsdata. The sharing method may allow zero-click exploitation by way of maliciously created photographs, comparable to assault chains beforehand detected on iOS and different Samsung Galaxy smartphones. This operation combines infrastructure and procedures with business spyware operations within the area, implying a hyperlink to private-sector offensive actors. LANDFALL has purportedly been working unnoticed for some months.

Also Read: Spotify customers can now share content material by way of WhatsApp on their Android units

– Advertisement –

LANDFALL’s b.so element has a number of debug and standing strings, suggesting that it’ll most certainly require different elements to perform correctly. The evaluation reveals potential functionalities akin to machine fingerprinting (OS model, {hardware} ID, SIM ID, and so on.), knowledge exfiltration (entry to calls, contacts, SMS, recordings), execution persistence (loading shared objects, executing DEX recordsdata, modifying SELinux), and evasion methods (detecting debugging frameworks, manipulating namespaces). Devices focused embrace the Galaxy S23, S24, Z Fold4, S22, and Z Flip4 collection.

socialreview.in

Review On AI tool · Education · LifeStyle · Food · Religious · Travel · Movies & Web Series · Movies · Reviews · Appliances · Fan · Headphones · Kitchen-Tech

For Feedback - feedback@example.com

Related News

Samsung to roll out One UI 8.5 update enhances Bixby voice commands
Redmi Note 15 Pro 5G Review: The midrange master returns!
Vivo V70 Elite and Vivo V70 with a 50MP triple back camera system launched in India
Samsung teases creative camera and privacy capabilities ahead of Galaxy S26 Series launch
Nothing to host a launch event on March 5; mocks Apple’s special invite with graffiti
Google pushed the first Android 17 beta update: Here is everything we know so far

Leave a Comment

© 2024 Social review• All rights reserved
About Us Contact Us Terms & Condition Privacy Policy