Spyware Attack via WhatsApp Images Targets Samsung Galaxy Phones: ‘Landfall’ Exploit Exposes Major Security Flaw

Samsung Galaxy smartphones have faced a serious cybersecurity issue as a result of a zero-day vulnerability being exploited through WhatsApp images by a covert spyware campaign that has been discovered by researchers. The spyware, which has been given the name Landfall, had the ability to quietly access devices and no action from the user was required—just getting an image that was infected was sufficient.

Zero-Click Exploit Through WhatsApp Images

According to cybersecurity firm Palo Alto Networks’ Unit 42, hackers took advantage of a flaw in Samsung’s image-processing system to deploy Landfall spyware across several Galaxy models. The vulnerability—CVE-2025-21042—was hidden deep within Samsung’s proprietary image-handling library.

By weaponizing Digital Negative (DNG) files disguised as normal JPEGs, attackers managed to execute a zero-click attack, gaining full control over the device immediately after the image was delivered. Victims did not need to open or tap on the file.

Affected Devices and Timeline

The spyware primarily targeted Samsung Galaxy S22, S23, S24, Z Fold 4, and Z Flip 4 models, especially in the Middle East, including Turkey, Iran, Iraq, and Morocco. The operation reportedly remained undetected for nearly a year before being discovered in mid-2024.

Although Samsung was informed about the flaw in September 2024, the company released a security patch only in April 2025, leaving millions of users vulnerable for months.

Landfall’s Capabilities and Impact

Once installed, Landfall acted as a powerful surveillance tool capable of:

Recording phone calls
Accessing photos, contacts, and messages
Activating the microphone for eavesdropping
Tracking users’ real-time location

Investigators said the spyware’s design and techniques resembled those of Stealth Falcon, a group previously linked to state-backed surveillance operations in the UAE, though no direct attribution has yet been confirmed.

“It was a precision attack, not a mass campaign,” said Itay Cohen, Senior Principal Researcher at Unit 42. “That strongly suggests espionage motives rather than financial gain.”

Discovery and Response

The campaign came to light when Unit 42 analysts found several compromised DNG files uploaded to Google’s VirusTotal platform from Middle Eastern IP addresses. Subsequent analysis revealed links to a command-and-control server flagged by Turkey’s national cyber agency, indicating possible targeting of Turkish users.

Samsung has since fixed the vulnerability, but experts warn that the Landfall exploit is a stark reminder of the growing sophistication of mobile cyberattacks. Users are urged to update their devices immediately and remain cautious even with trusted communication apps like WhatsApp.

Cybersecurity experts caution: In today’s threat landscape, even a harmless-looking image could open the door to digital espionage.

NYT Connections Sports Edition Today: Hints and Answers for March 12, 2026

Fans of daily word puzzles have another challenge to enjoy with the Connections Sports Edition. If you’re trying to solve today’s puzzle but feel stuck, here are some helpful hints and the full answers for Thursday,

Wordle Today: Hints and Answer for Puzzle #1726 – March 11, 2026

Word puzzle fans around the world eagerly wait for the daily challenge from The New York Times. Among its popular games, Wordle continues to keep players hooked with its simple yet tricky five-letter puzzle that refreshes

NYT ‘Connections’ Hints and Answers for Today – March 11, 2026 (Puzzle #1004)

Fans of daily word puzzles from The New York Times know the thrill of solving games like Wordle, Strands, the Mini Crossword, and Connections all in one go. However, some days can be trickier than others.

Today’s Wordle Hint and Answer for March 10, 2026 – Puzzle #1725

The people who play daily word games from The New York Times begin their day by solving Wordle, NYT Connections, Strands, and the Mini Crossword. Wordle stands out among all available challenges because its simple yet

NYT Connections Answers Today (March 10, 2026): Hints and Solution for Puzzle #1002

Players tackling today’s NYT Connections puzzle might have found Puzzle #1002 a bit tricky. The Tuesday challenge mixed together cooking techniques, family nicknames, U.S. state abbreviations, and punch-related words, making it harder to identify the correct

Wordle Answer Today #1721 for March 6, 2026 – Hints and Solution Revealed

Word puzzle fans are back with another challenge in the popular daily game Wordle which The New York Times published. The puzzle for Friday March 6 2026 (Wordle #1721) has left some players searching for clues.