Last Updated:
Samsung flagship phones were exposed to a major security risk that made it possible to infect the devices with dangerous spyware
Samsung Galaxy S phones in the regions were targeted with a spyware
Samsung users have been the target of a dangerous spyware campaign that can be activated just by clicking on an image in WhatsApp. The new report comes via a cybersecurity firm who claims the victims in the Middle East were the main target with this campaign and the worrying part is that nobody knew about the attacks for months.
The details from Unit 42, part of Palo Alto Networks, has mentioned the spyware called Landfall which has been moving across devices hiding in plain sight within regular images that are being sent through WhatsApp region.
The WhatsApp Zero-Day Bug Issue
Using images to plant spyware can be easy and harmless because you don’t have to click any suspicious links, or having to install an app that can bypass the security on the device. These hackers found a zero-day bug that made it easy for them to exploit the issue and just as you open an image the spyware sneaks into the system and does its work covertly.
The firm has codenamed the vulnerability as CVE-2025-20142 which seems to have affected the image gallery on Samsung devices. It says the hackers used Digital Negative (DNG) image files that were being tagged as regular JPEGs and they were transmitted through WhatsApp which raises no alarm.
Samsung Phones Targeted: Who Is At Risk?
The report says some of the latest Samsung devices, including the foldables have been the target for the spyware campaign that can be used to gather details such as calls, get access to photos and messages on the device, and even use the microphone covertly to listen to the conversations.
This is very similar to the Pegasus spyware that was also infiltrating WhatsApp on iPhones over the last few years. However, the Landfall spyware has mostly spread across countries like Turkey, Iran, Morocco and Iraq among others. These Samsung devices could have been attacked:
- Galaxy S22
- Galaxy S23
- Galaxy S24
- Galaxy Z Fold 4
- Galaxy Z Flip 4
The company first detected the threat in mid-2024 and only informed Samsung around September last year. While the brand was only able to issue a patch for the risk in April this year. This big gap between reporting and fixing is not ideal, especially when you have millions of premium devices susceptible to covert hacking threats.
S Aadeetya, Special Correspondent at News18 Tech, accidentally got into journalism 10 years ago, and since then, has been part of established media houses covering the latest trends in technology and helping fr…Read More
S Aadeetya, Special Correspondent at News18 Tech, accidentally got into journalism 10 years ago, and since then, has been part of established media houses covering the latest trends in technology and helping fr… Read More
November 10, 2025, 12:18 IST
Read More
