Hackers used malicious WhatsApp images to exploit a critical Samsung zero-day vulnerability and install spyware. Here’s what you need to know about the LandFall attacks.
But Samsung users are the subject of the latest headlines as security researchers reveal details of a hack attack that exploited a critical zero-day vulnerability to install spyware on smartphones, using WhatsApp images as the in.
. Thankfully, the vulnerability has been patched. But here’s everything you need to know about LandFall.of a zero-day vulnerability within the Samsung Android image processing library. CVE-2025-21042 is just part of a spyware family, the researchers said, which has been named LandFall. “This vulnerability was actively exploited in the wild before Samsung patched it in April 2025,” the report confirmed, with attacks observed in the wild. The commercial-grade spyware used with Landfall, alongside the exploit used, had not been publicly reported or analyzed. Until now. The LandFall exploit was distributed by being embedded in malicious image files using the DNG format, and sent by way of WhatsApp messages, according to the report. However, Unit 42 pointed out that the “research did not identify any unknown vulnerabilities in WhatsApp.” I have approached Meta for a statement. Known to have been operating since at least as far back as July 2024, LandFall was using the critical CVE-2025-21042 zero-day vulnerability for months before it was eventually patched in April 2025. I have approached Samsung for a statement, but it’s important to note that there is no risk to current users because of that update. In September, “Samsung also patched another zero-day vulnerability in the same image processing library,” Unit 42 said, “further protecting against this type of attack.”Which is good to know, as LandFall is a full-on commercial-grade spyware attack that enabled what the report referred to as comprehensive surveillance. This included the use of the smartphone microphone, location-tracking functionality, contacts, call logs, and photos. The bad news is that, as Unit 42 said, the use of malformed DNG files “highlights a significant, recurring attack vector: the targeting of vulnerabilities within DNG image processing libraries.” CVE-2025-21042 was not the first and is unlikely to be the last vulnerability that can be exploited by LandFall or similar spyware exploits. The advice, therefore, is to remain vigilant, whether a Samsung user or not, and keep your devices updated, and avoid opening random WhatsApp messages. You might also want to consider using Android’s
Spyware Unit 42 Samsung Smartphone Smasung Galaxy Android Whatsapp Zero Day Attack CVE-2025-21042
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Typhoon Kalmaegi makes landfall in central Vietnam, bringing destructive winds and heavy rainsThe typhoon displaced more than 560,000 villagers in the Philippines, including nearly 450,000 who were evacuated to emergency shelters, the Office of Civil Defense said.
Read more »
Samsung Galaxy S26 Ultra’s camera rumor debunked: Ice Universe sets the record straightAleksandar is a tech enthusiast with a broad range of interests, from smartphones to space exploration. His curiosity extends to hands-on DIY experiments with his gadgets, and he enjoys switching between different brands to experience the latest innovations.
Read more »
Samsung’s Frame Pro TV has hit a new all-time low before Black FridayThe 65-inch Samsung Frame Pro is on sale for $1,447 at Woot, a new all-time low. We also found deals on Lego’s Star Wars Advent Calendar and a Headspace subscription.
Read more »
Samsung Galaxy S26: Promising Upgrades on the HorizonThe Samsung Galaxy S26 is expected to bring significant advancements, including a powerful new Exynos 2600 chip, potentially surpassing competitors like Snapdragon and Apple's A19 Pro. Other upgrades include innovative display privacy features, redesigned camera island with larger apertures for improved low-light photography, and potentially faster 60W charging.
Read more »
Samsung Reportedly Making Camera System That Captures 320MP PhotosSamsung is reportedly building a groundbreaking new smartphone imaging system that can capture 320MP photos and 108MP RAW bursts.
Read more »
New Landfall spyware used images to hack Samsung Galaxy phones for nearly a yearA new Android spyware called Landfall has been uncovered targeting Samsung Galaxy phones through a zero-click image exploit. Researchers say the spyware used a hidden flaw in Samsung’s photo library to spy on users for almost a year without clicking or downloading any file. The issue has since been patched, but the warning stands.
Read more »