Samsung Galaxy phones have been ranked among the most secure products available, with their robust protective shield, in particular. However, a new report suggests that the Galaxy devices are being attacked by Android spyware.
Well, malware attacks have been common at times; however, currently, Samsung phones have become a proper target of the newly-released ‘LANDFALL’ spyware, stealing personal data, and it is perhaps continuously being used via a sophisticated zero-day security vulnerability. (via Android Authority)
Essentially, Palo Alto Networks’ Unit 42 division just discovered Android spyware, named LANDFALL (report), which has a similar pattern of issues that were already patched for multiple smartphone companies in the past. At the same time, a zero-day vulnerability in Samsung’s Android image processing library was exploited before Samsung patched it in April 2025.
Well, LANDFALL spyware was pulled off through certain malicious DNG image files sent via messaging apps such as WhatsApp, which eventually permits attackers to steal sensitive data of the users without the interaction of users.
Essentially, it was believed that the spyware was already active in 2024, and Samsung’s One UI 5 through One UI 7 versions are perhaps vulnerable, targeting premium Galaxy devices, including the Galaxy S24 series, Galaxy S23 series, Galaxy S22 series, Galaxy Z Fold 4, and Galaxy Z Flip 4 models.
Nevertheless, it looks like there is no serious risk for the newer generation Galaxy devices so far; also, Samsung has already patched the vulnerability in April 2025. In order to protect the device, users need to update to the latest Samsung security patch available for a secure user experience and performance.
-
-
-
-
