The Record reports:
Security researchers on Friday revealed the discovery of “commercial grade” spyware used in a 9-month-long hacking campaign aimed at Samsung Galaxy phones likely concentrated in the Middle East.
The Android spyware, dubbed LANDFALL, exploited a zero-day, or previously undocumented, vulnerability in Galaxy phones’ image processing libraries. The spyware was likely sent via the WhatsApp messaging platform to exfiltrate data and snoop on targets.
LANDFALL, which may have been zero-click, allowed microphone recording, location tracking, call recording, collection of photos and text message, contacts and call history exfiltration, according to researchers at Palo Alto Networks’ Unit 42. Zero-click spyware requires no direct action from a device user.
Read more at The Record.
