216.73.217.80

New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

· Published 07/11/2025 18:07 · Modified 07/11/2025 21:35

Export JSON

Essential information

Published
07/11/2025 18:07
Modified
07/11/2025 21:35
Tags
2025-11-07 CVE-2025-21042 CVE-2025-21043 CVE-2025-43300 CVE-2025-55177 android commercial-grade dng landfall samsung spyware whatsapp zero-day
Related entities
18 observables, 5 others

Description

Unit 42 researchers have uncovered , a previously unknown family targeting Galaxy devices. The exploits , a vulnerability in 's image processing library, to deliver surveillance capabilities. is embedded in malicious image files, likely distributed via , and enables comprehensive monitoring including microphone recording, location tracking, and data collection. The campaign shares infrastructure with known commercial operations in the Middle East. The vulnerability has been patched, but the exploit chain remained active and undetected for months before discovery.

External references