WhatsApp Spyware Alert: Fake App Targets Users in Italy
Published
Key Takeaways
- Fake app: WhatsApp alerted approximately 200 users, primarily located in Italy, about downloading a malicious iOS application disguised as the official messaging platform.
- SIO spyware identified: Security teams linked the malicious software to SIO, an Italian surveillance company known for developing government-grade tracking tools and intercept capabilities.
- User privacy risks: The counterfeit application exposes targets to severe data harvesting, prompting immediate account logouts and recommendations to install the legitimate software version.
A WhatsApp spyware alert was sent to approximately 200 users after the parent company, Meta, discovered that some individuals had unknowingly installed a counterfeit version of the popular messaging application, which was designed to harvest device data.
Tracking the SIO Spyware
The WhatsApp surveillance campaign targeting mobile device users was attributed to SIO, an Italian surveillance technology firm that supplies intelligence agencies and law enforcement. The "highly targeted" campaign was carried out by a subsidiary of northern Italy-based SIO called ASIGINT, the Meta Platforms-owned service said in a statement, Reuters has reported.
The platform immediately logged these users out of their compromised accounts to halt ongoing data collection and advised them to download the official software. WhatsApp plans to issue formal legal demands to halt the firm's deceptive distribution practices.
The SIO website states that the company works with "Law Enforcement Agencies, Government Organizations, Police and Intelligence Agencies." This incident follows previous industry revelations regarding SIO's involvement in distributing malicious mobile applications disguised as basic customer support tools.
Escalating User Privacy Risks
Since the fake WhatsApp spyware may have been distributed outside official app stores, mobile users need to verify the authenticity of such applications. Best practices strongly recommend downloading software exclusively from official repositories to maintain digital safety and prevent third parties from conducting unauthorized surveillance.
In June 2025, Paragon targeted Italian investigative journalists Ciro Pellegrino and Francesco Cancellato, and cut ties with the Italian government amid a Graphite scandal.
Concurrently, seven hacked phones were investigated in a surveillance case, and reports in November revealed Italian Political Consultant Francesco Nicodemo was also targeted.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular