Urgent: Spyware ‘Landfall’ Targets Samsung Galaxy Phones, Report Reveals

URGENT UPDATE: A new report reveals a sophisticated spyware named Landfall has been exploiting a zero-day vulnerability to target Samsung Galaxy phones in a nearly year-long hacking campaign. Researchers from Palo Alto Networks’ Unit 42 confirmed the spyware was first detected in July 2024 and could compromise devices via malicious images sent through messaging apps, potentially requiring no user interaction.

The vulnerability, identified as CVE-2025-21042, was unknown to Samsung until it was patched in April 2025. Authorities report that the spyware campaign primarily affected individuals in the Middle East, raising concerns about targeted surveillance.

According to Itay Cohen, a senior principal researcher at Unit 42, the hacking campaign was a “precision attack” aimed at specific targets rather than mass distribution, indicating potential espionage motives. The spyware has been linked to a known surveillance vendor, Stealth Falcon, which has a history of targeting journalists and activists in the region since 2012.

Unit 42 noted that samples of the Landfall spyware were uploaded to VirusTotal from users in Morocco, Iran, Iraq, and Turkey throughout 2024 and early 2025. Notably, Turkey’s national cyber readiness team, known as USOM, flagged one of the spyware’s IP addresses as malicious, suggesting individuals in Turkey may have been specifically targeted.

The Landfall spyware is capable of extensive device surveillance, including accessing photos, messages, contacts, and call logs, as well as activating the device’s microphone and tracking locations. Research indicates that the spyware’s source code referenced several Samsung Galaxy models, including the Galaxy S22, S23, S24, and select Z models, with the potential for other Galaxy devices to be affected across Android versions 13 through 15.

The chilling implications of this spyware attack underscore the urgent need for device security and awareness among users, especially in vulnerable regions. As the investigation continues, experts are urging Samsung users to remain vigilant and ensure their devices are updated to mitigate potential risks.

As of now, Samsung has yet to respond to requests for comments regarding this serious issue, as concerns about privacy and digital security escalate. Stay tuned for further updates as this story develops.