Just Earth News | @justearthnews | 11 Nov 2025, 05:33 am Print
Samsung A representative image of a Samsung phone. Photo: Unsplash
A newly identified spyware targeting Samsung Galaxy smartphones has been discovered by Palo Alto Networks’ Unit 42 researchers.
The malware, named LANDFALL, was found to be exploiting a zero-day vulnerability in Samsung’s Android image processing library.
According to Unit 42, attackers used the flaw — tracked as CVE-2025-21042 — to embed the spyware within malicious DNG image files, which were allegedly delivered via WhatsApp. Opening the infected image allowed the malware to execute on the device.
The research team noted that the vulnerability was actively exploited in the wild before Samsung released a security patch in April 2025. Details on the full capabilities of LANDFALL and the exploit toolkit used have not yet been made public.
Cybersecurity experts have advised Samsung Galaxy users to ensure their devices are updated with the latest firmware and security patches to reduce exposure to the threat.
- BBC top brass fall! Tim Davie, Deborah Turness quit amid Trump documentary firestorm
- US: Four die after speeding car hits crowd outside Tampa bar
- Bangladesh: Officials bust Pakistan shipment hiding 25 tonnes of banned poppy seeds
- Thailand tightens alcohol laws: Tourists warned to watch the clock
- Grok just got a mind-blowing upgrade: Your photos can move now
