Samsung
New spyware attack! Samsung Galaxy phones hit through WhatsApp images
A newly identified spyware targeting Samsung Galaxy smartphones has been discovered by Palo Alto Networks’ Unit 42 researchers.
The malware, named LANDFALL, was found to be exploiting a zero-day vulnerability in Samsung’s Android image processing library.
According to Unit 42, attackers used the flaw — tracked as CVE-2025-21042 — to embed the spyware within malicious DNG image files, which were allegedly delivered via WhatsApp. Opening the infected image allowed the malware to execute on the device.
The research team noted that the vulnerability was actively exploited in the wild before Samsung released a security patch in April 2025. Details on the full capabilities of LANDFALL and the exploit toolkit used have not yet been made public.
Cybersecurity experts have advised Samsung Galaxy users to ensure their devices are updated with the latest firmware and security patches to reduce exposure to the threat.
Support Our Journalism
We cannot do without you.. your contribution supports unbiased journalism
IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.
Support objective journalism for a small contribution.
