Samsung has fixed a zero-day security vulnerability that was being used to hack into its customers’ phones. The phone maker stated the security flaw was discovered in a software library for displaying images on Samsung devices. This flaw allows hackers to remotely plant malicious code on Samsung devices running Android 13 through the most recent version, Android 16.
Samsung’s advisory noted that security teams from Meta and WhatsApp privately notified the company on August 13. They informed Samsung that an exploit for this issue existed in the wild. Samsung did not provide a list of devices affected by the vulnerability. A bug is classified as a zero-day when the vendor, in this case Samsung, is given no time to fix it before it is exploited.
It is not immediately clear who is behind the hacking campaign or how many Samsung customers are affected. A spokesperson for Samsung did not respond to a request for comment sent prior to publication. The security fixes coincide with a flurry of security updates from other phone software vendors aimed at countering an ongoing spyware campaign.
Samsung’s security patches follow separate security fixes issued by Apple and WhatsApp in August. Those vulnerabilities were used to target both iPhone owners and Android users, according to security researchers. WhatsApp told TechCrunch that the messaging app maker sent fewer than 200 notifications to affected users whose phones were targeted or compromised by the campaign.
Apple has not commented on the vulnerabilities it patched, except to say that the flaw was used in an extremely sophisticated attack against specific targeted individuals. Apple periodically notifies new victims of potential spyware attacks and asks them to seek help from Access Now’s digital security lab. The tech giant most recently notified an unspecified number of its customers on September 3 that their phones were targeted as part of a spyware campaign, according to the French government.