tech

Hackers used booby-trapped images to spy on Samsung phones

DarthCoin

> When an infected image arrived, the background image renderer extracted and executed the hidden payload without user interaction. Once inside the device, the malware modified SELinux policies, granting itself extended privileges to access private data and bypass sandboxing. Landfall's operators could pull extensive information from the phones, including device identifiers, installed applications, contacts, file directories, and browser data. The spyware could even activate microphones and cameras remotely.

I'm surprised this doesn't happen more frequently. 

Or maybe I mean that I'm surprised we don't hear about this happening more frequently. 

It seems like image/video would be such a great way to deliver malicious code. Images are everywhere, people blindly load them in browsers, and nobody really thinks about it. 