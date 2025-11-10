ETV Bharat / technology

People Using These Samsung Galaxy Smartphones Need To Update Them Immediately: Spyware Landfall Exposed

The sypware was primarliy located in urkey, Iran, Iraq, and Morocco. ( Image Credit: Samsung )

Hyderabad: Samsung Galaxy smartphone users need to be cautious. They need to be careful before downloading any images from unknown individuals that might look harmless, but could contain spyware capable of hacking their smartphones.

A sophisticated cyber spying campaign, Landfall, which ran quietly for almost a year, has been discovered. The spyware exploited a flaw in Samsung’s software to infiltrate devices without the need for any click or downloading any app or software from the victim.

It hides inside Digital Negative (DNG) image files, which are disguised as regular JPEG photos and sent via messaging apps like WhatsApp. The malicious code automatically gets activated when the image reaches a device, even without the victim opening or clicking it. This is known as a zero-click attack.

How does Landfall work?

According to a report by Unit 42 at Palo Alto Networks, Landfall targets a vulnerability known as CVE-2025-21042 present within Samsung’s image processing library.

Once a victim receives an infected DNG file, the spyware gets access to the phone’s camera, microphone, files, location, and call logs.

It turns the Samsung Galaxy phones into a full-fledged surveillance device, capable of recording calls, stealing photos and messages, accessing contacts, and tracking user activities in real-time.

The Landfall spyware is affected on Samsung Galaxy devices such as S22, S23, S24, Z Fold 4, and Z Flip 4, which are primarily located in Turkey, Iran, Iraq, and Morocco— countries within the Middle East.