Another day, another malware attack on smartphones. Researchers at Unit 42, the threat intelligence arm of Palo Alto Networks, have revealed a sophisticated spyware known as “Landfall” targeting Samsung Galaxy phones. The researchers say this campaign leveraged a zero-day exploit in Samsung Android software to steal a raft of personal data, and it was active for almost a year. Thankfully, the underlying vulnerability has now been patched, and the attacks were most likely targeted at specific groups.
Unit 42 says that Landfall first appeared in July 2024, relying on a software flaw now catalogued as CVE-2025-21042. Samsung issued a patch for its phones in April 2025, but details of the attack have only been revealed now.
Even if you were out there poking around the darker corners of the Internet in 2024 and early 2025 with a Samsung Galaxy device, it’s unlikely you’d be infected. The team believes Landfall was used in the Middle East to target individuals for surveillance. It is currently unclear who was behind the attacks.
It’s concerning to see how persistent malware like “Landfall” can affect our devices, especially with the increasing reliance on smartphones. It’s a reminder of the importance of security and staying informed about potential threats. Thanks for shedding light on this issue!
It’s definitely alarming! The fact that it went undetected for so long shows just how sophisticated these threats can be. Regular software updates and awareness about app permissions are crucial in helping protect our devices from such persistent malware.
Absolutely, it is concerning! The prolonged undetectability highlights the need for stronger security measures in smartphone technology. It’s also a reminder for users to stay informed about potential threats and regularly update their devices.