"Sophisticated Spyware Targets Samsung Phones for Nearly a Year"

Commercial Spyware "Landfall" Ran Rampant on Samsung Phones for Almost a Year A sophisticated spyware campaign, codenamed "Landfall," has been uncovered targeting Samsung Galaxy phones, exploiting a previously unknown vulnerability in the Android software to steal personal data from users in the Middle East for nearly a year. According to researchers at Unit 42, the threat intelligence arm of Palo Alto Networks, the attacks were likely targeted at specific groups and were made possible by a zero-day exploit that has since been patched by Samsung in April 2025. The discovery highlights the ongoing threat of zero-click attacks, which can compromise systems without user involvement, and underscores the need for continued vigilance in the global fight against cyber threats. Unit 42 researchers say that Landfall first appeared in July 2024, relying on a software flaw now catalogued as CVE-2025-21042. The vulnerability was exploited to steal a raft of personal data, including sensitive information that could potentially be used for malicious purposes. According to a report by Unit 42, the Landfall campaign leveraged a zero-day exploit in Samsung Android software to steal personal data from users in the Middle East. The attacks were most likely targeted at specific groups, and the underlying vulnerability has now been patched. Samsung issued a patch for its phones in April 2025, which should prevent further exploitation of the vulnerability. The discovery of Landfall serves as a reminder of the ongoing threat of cyber attacks and the importance of staying vigilant in the face of emerging threats. "The fact that this vulnerability was exploited for almost a year highlights the need for continued vigilance in the global fight against cyber threats," said a spokesperson for Unit 42. "We urge users to stay up to date with the latest security patches and to be cautious when using public Wi-Fi or other unsecured networks." The Landfall campaign is a prime example of the sophistication and stealth of modern cyber attacks. Zero-click attacks, which can compromise systems without user involvement, are becoming increasingly common and pose a significant threat to individuals and organizations alike. As the threat landscape continues to evolve, it is essential that users and organizations remain vigilant and take proactive steps to protect themselves against emerging threats. In response to the discovery of Landfall, Samsung has issued a statement urging users to update their devices to the latest security patch. "We take the security of our devices very seriously and are committed to providing our users with the latest security patches and updates," said a spokesperson for Samsung. "We urge all users to update their devices as soon as possible to prevent further exploitation of the vulnerability." The incident highlights the need for continued collaboration between technology companies, researchers, and law enforcement agencies to combat the growing threat of cyber attacks. As the threat landscape continues to evolve, it is essential that users, organizations, and governments work together to stay ahead of emerging threats and protect themselves against the ever-growing number of cyber attacks. In conclusion, the discovery of Landfall serves as a reminder of the ongoing threat of cyber attacks and the importance of staying vigilant in the face of emerging threats. As the threat landscape continues to evolve, it is essential that users and organizations remain proactive in protecting themselves against emerging threats and take steps to stay ahead of the cyber attacks.