Researchers from Palo Alto Networks’ Unit 42 have discovered Landfall, a commercial-grade spyware targeting Samsung Galaxy phones in the Middle East. This spyware exploits a previously unknown zero-day vulnerability that has since been patched by Samsung. The malware appears to have been delivered through malicious DNG image files via WhatsApp, showcasing the threat of zero-click attacks, which do not require victim interaction to be successful.
Landfall is particularly focused on Samsung models S22, S23, S24, and Fold/Flip series, indicating that attackers are exploiting specific vulnerabilities inherent to these devices. Interestingly, the campaign’s characteristics bear resemblance to the operations of a group known as Stealth Falcon, which is believed to have connections with the United Arab Emirates government. However, direct links or overlaps in activity between Landfall and Stealth Falcon have not been definitively established. Experts caution that the spyware’s stealthy nature suggests an ongoing threat, with potential implications for other mobile vendors as well.
👉 Pročitaj original: CyberScoop
