Skip to main content
  1. Home
  2. Phones
  3. News

New Landfall spyware used images to hack Samsung Galaxy phones for nearly a year

It worked even when you didn’t click the file.

Add as a preferred source on Google
landfall-spyware-samsung-galaxy-phones
Samsung

What’s happened? Security researchers at Palo Alto Networks’ Unit 42 have uncovered an Android spyware campaign called Landfall. The malware exploited a zero-day vulnerability in Samsung Galaxy phones that could be triggered by a malicious image sent to a phone, and it appears to have been used in a targeted espionage campaign.

  • The flaw, tracked as CVE-2025-21042, hid inside Samsung’s image-processing library, allowing attackers to infect devices with a single malicious image file.
  • The exploit was zero-click, meaning victims didn’t need to open or tap anything. The infection could occur when a malicious .DNG image is received through messaging apps like WhatsApp.
  • The issue was patched by Samsung in April 2025, but the spyware had already been active since July 2024, silently running for almost a year before discovery.
  • The campaign mainly targeted Samsung Galaxy S22, S23, S24, and foldable models like the Z Fold 4 and Z Flip 4, across Android 13 through 15.

This is important because: Even if Samsung patched the flaw in April, targeted spyware campaigns can run for months. Researchers describe it as a precision attack on specific people, consistent with surveillance rather than mass crime.

  • Victims were primarily located in the Middle East and North Africa, including Iran, Iraq, Turkey, and Morocco, suggesting geopolitical or state-aligned motives.
  • The malware was distributed through a network of servers linked to domains previously associated with the Stealth Falcon surveillance group, although researchers haven’t confirmed exactly who is behind it.
  • Unit 42 says the spyware’s design and infrastructure suggest that the masterminds behind Landfall are professional surveillance vendors rather than cybercriminals.

Why should I care? For everyday users, this shows that modern spyware doesn’t always require a careless click; even receiving the wrong file could trigger an exploit.

  • Once installed, Landfall could record audio, activate the camera, collect messages, contacts, and call logs, and track real-time location.
Recommended Videos

OK, what’s next? Even though Samsung rolled out fixes for this flaw, researchers warn that other undisclosed exploits could still exist. If you own a Galaxy device listed above or run Android 13–15, here’s what you can do:

  • Make sure your Samsung phone is fully updated.
  • Avoid opening images or files from unknown senders, even in common messaging apps like Whatsapp.
  • Watch for anomalies: unexpected battery drain, overheating, or unknown background data usage could indicate compromise.

Vulnerabilities like Landfall are quite difficult to spot before they strike. That’s why phone manufacturers are doubling down on mobile security with Apple expanding its Lockdown Mode, and Google testing live threat detection for Android users.

Manisha Priyadarshini
Manisha Priyadarshini is a tech and entertainment writer with over nine years of editorial experience.
Android 17 makes it harder for bad actors to guess and crack the PIN on your phone
Thieves only get 20 shots before the door slams shut
Electronics, Mobile Phone, Phone

Google is planning on making Android 17 even more secure. The company had previously confirmed that Android 17 will now reduce the number of times someone can guess your PIN or password and add longer wait times between failed attempts.

Now, thanks to a deeper breakdown from Mishaal Rahman, we have a better idea of how aggressive that change really is.

Read more
Acti just turned your smartphone keyboard into an AI assistant
One keyboard that types your words and does your errands. This might be the upgrade your thumbs have been waiting for.
Acti keyboard open on iPhone

Your smartphone’s keyboard is the thing you interact with the most, and yet, it has largely remained the same since it was introduced two decades ago. Yes, it has become better at understanding our typing habits and predicting text, but its function has largely remained unchanged. 

A Singapore startup called Acti looked at the keyboard and the large space it occupies on your smartphone and asked a fair question. Why not make it actually do things? After seeing its keyboard in action, I think the idea has legs.

Read more
Finding photos is so much easier with Siri AI in iOS 27 that I no longer scroll
Natural language photo search in iOS 27 is the kind of feature that quietly becomes essential.
Electronics, Phone, Mobile Phone

My camera roll has crossed 8,000 photos, and it got there by capturing random moments (only to forget them later). The problem, however, starts when someone asks me to share something specific. It could be their portrait from last weekend or the food pictures they snapped using my phone.

Finding those pictures usually means scrolling through my seemingly endless camera roll. If the photo is a month or two old, I end up scrolling past hundreds of other images to find it, and that gets old fast.

Read more