Yazılar

Warning for Samsung Galaxy Users: Spyware ‘Landfall’ Found Stealing Data for Nearly a Year

/in /tarafından

Cybersecurity researchers from Palo Alto Networks’ Unit 42 have discovered a dangerous Android spyware called Landfall, which has been targeting Samsung Galaxy devices for nearly a year, stealing sensitive user data without detection.

The spyware spread through a malicious DNG image sent via messaging apps like WhatsApp, exploiting a zero-day vulnerability — unknown to Samsung at the time — to take full control of the infected device.

Once activated, Landfall could access photos, messages, contacts, call logs, location data, and even the microphone. According to the report, the first signs of the campaign appeared in July 2024, but Samsung only patched the flaw (CVE-2025-21042) in April 2025, leaving users exposed for months.

The vulnerability resided in ‘libimagecodec.quram.so’, allowing remote attackers to execute arbitrary code without user interaction. The main affected models include the Galaxy S22, S23, S24, and some Galaxy Z devices running Android 13 to 15.

Researchers believe the campaign was a targeted espionage operation, primarily affecting users in the Middle East, and possibly linked to private-sector offensive actors (AOSP).

It remains unclear who developed Landfall or how many users were affected, but senior researcher Itay Cohen described it as a “precision attack” rather than a widespread infection.

Samsung has released a security patch, and experts strongly advise all Galaxy users to update their devices immediately to stay protected.

Report Claims Meta Earned $16 Billion in 2024 from Fraudulent Ads on Facebook and Instagram

/in /tarafından

Meta Reportedly Made Billions from Fraudulent Ads Across Facebook and Instagram in 2024

A new report has alleged that Meta Platforms — the parent company of Facebook, Instagram, and WhatsApp — earned a significant portion of its 2024 revenue from fraudulent and prohibited advertisements. According to internal projections, about 10.1 percent of Meta’s total revenue for the year reportedly came from ads linked to scams and banned goods. The findings suggest that certain internal practices and oversight failures allowed these fraudulent ads to remain active on its platforms, despite clear violations of company policy and advertising regulations.

Citing internal company documents, Reuters reported that Meta failed to effectively detect or block deceptive advertising for a range of illegal or misleading products and services. These included fake e-commerce listings, fraudulent investment schemes, unlicensed online casinos, and even banned medical products. The issue reportedly persisted for at least three years across Meta’s major apps — Facebook, Instagram, and WhatsApp — raising concerns about the company’s ad moderation and accountability practices.

The internal projections also claimed that around $16 billion (approximately ₹1.41 lakh crore) of Meta’s total 2024 revenue stemmed from these fraudulent ad sources. The report further alleged that Meta was hesitant to remove or suspend accounts, even those identified internally as “the scammiest scammers.” Executives reportedly feared that taking strict action against these advertisers would lead to a noticeable decline in ad revenue, which could in turn impact the company’s heavy investments in artificial intelligence (AI) development and infrastructure.

These revelations have sparked fresh debate about Meta’s commitment to user safety and transparency in digital advertising. Critics argue that prioritizing profits over consumer protection undermines trust in its platforms, especially as users increasingly encounter scams disguised as legitimate promotions. While Meta has yet to issue a detailed public response to these allegations, the report adds pressure on the company to tighten its ad screening processes and demonstrate stronger ethical oversight in its rapidly expanding AI-driven advertising ecosystem.

India Tribunal Lifts WhatsApp Data-Sharing Ban but Upholds Meta’s $25 Million Fine

/in /tarafından

An Indian appeals tribunal has overturned a five-year ban preventing WhatsApp from sharing user data with other Meta-owned entities but upheld a $25.4 million fine, delivering a mixed verdict for the U.S. tech giant.

The National Company Law Appellate Tribunal (NCLAT) ruled on Tuesday that the Competition Commission of India’s (CCI) 2024 order lacked sufficient justification for restricting data sharing, calling the regulator’s rationale “missing altogether.” However, it agreed with the CCI’s finding that Meta had abused its market dominance by imposing unfair terms on users.

WhatsApp had challenged the CCI’s ban, warning it could have been forced to roll back certain features if the restriction remained. Meta, in turn, argued that the watchdog lacked the technical expertise to assess the implications of its decision.

The dispute dates back to 2021, when changes to WhatsApp’s privacy policy sparked widespread backlash in India. Regulators accused the company of pressuring users to accept new data-sharing terms or risk losing access to the platform.

A Meta spokesperson said the company is reviewing the tribunal’s written order and reiterated that the 2021 privacy update “did not change the privacy of people’s personal messages, which remain end-to-end encrypted.”

India is Meta’s largest market globally, with hundreds of millions of users across WhatsApp, Facebook, and Instagram — making the ruling a critical development for the company’s operations in the country.