A newly discovered Android spyware named “Landfall” has been targeting Samsung Galaxy phones through a zero-day vulnerability in the software. This flaw, initially detected in July 2024, went unnoticed by Samsung until it was patched in April 2025. The hackers took advantage of this vulnerability by sending a specially crafted image to the target’s phone, likely via a messaging app, with no interaction needed from the victim. The attacks primarily focused on individuals in the Middle East, suggesting a precision attack rather than a widespread malware distribution. The spyware is linked to digital infrastructure associated with Stealth Falcon, a surveillance vendor known for targeting Emirati journalists and activists. Additionally, evidence suggests that Turkey may have been among the targeted countries, as samples of the spyware were uploaded to a malware scanning service from users in Morocco, Iran, Iraq, and Turkey.
Has new Android spyware been targeting Samsung phones for over a year?
