Landfall Spyware Targets Samsung Galaxy Phones

Security researchers at Palo Alto Networks’ Unit 42 discovered an Android spyware called Landfall, which exploited a zero-day vulnerability in Samsung Galaxy phones. The spyware, first detected in July 2024, relied on a security flaw patched in April 2025. The attacks likely targeted individuals in a specific region and were delivered through maliciously crafted images, possibly via WhatsApp. The spyware shares overlapping digital infrastructure with a known surveillance vendor, Stealth Falcon. Landfall is capable of broad device surveillance, including accessing photos, messages, contacts, call logs, and tracking location. The spyware's source code referenced five specific Galaxy phone models as targets.

Latest mentioned: 11-07

Earliest mentioned: 11-07

Sources

paloaltonetworks.com techcrunch.com

Also Read

Balancer V2 Suffers $128M DeFi Exploit Due to Smart Contract Flaw

Balancer V2, a prominent automated market maker, experienced a significant data breach resulting in the loss of $128 million in digital assets. The vulnerability in the V2 vault allowed an attacker to manipulate internal calls and drain funds from liquidity pools. Despite multiple audits, the exploit occurred, highlighting the challenges in securing composable DeFi systems. Users are urged to withdraw funds from affected pools and revoke smart contract approvals. The BAL token value dropped, and the total value locked decreased sharply.

11-05Read more →