WhatsApp warns hundreds of users over fake app spyware threat
Messaging platform WhatsApp has warned that around 200 users may have been compromised after downloading a malicious imitation of its iPhone application containing spyware.
The company said its security team identified users, primarily in Italy, who were tricked into installing an unofficial version of the app designed to infiltrate their devices, News.az reports.
The affected users have since been logged out of their accounts and notified about potential risks to their privacy and security.
In a statement, WhatsApp said it had urged those impacted to remove the fake application immediately and install the official version from trusted sources.
Italian spyware firm accused of involvement
WhatsApp has accused SIO, an Italian spyware developer, of creating the fake application. The firm is known for producing surveillance tools for government use.
The company said it plans to take legal action, stating it will issue a formal demand for SIO to halt any malicious activity linked to the campaign.
SIO develops spyware through its subsidiary ASIGINT, which has previously been associated with controversial surveillance technologies.
Neither SIO nor Apple responded to requests for comment.
Users urged to avoid unofficial apps
A spokesperson for WhatsApp, Margarita Franklin, said the company’s immediate priority was protecting affected users, though it has not disclosed further details about their identities or whether journalists or civil society members were among those targeted.
Cybersecurity experts have long warned that fake or unofficial versions of popular apps are a common method used to deploy spyware. Such apps are often distributed via phishing links or third-party download sites, bypassing official app stores.
Spyware tactics and past incidents
The incident reflects a broader pattern in which surveillance tools are deployed through deceptive applications. Previous investigations revealed that SIO-linked spyware, identified as “Spyrtacus,” had been embedded in fake Android apps, including messaging platforms and customer support tools.
The use of fake apps is considered a well-established tactic in surveillance operations, particularly in Italy, where authorities have historically used phishing techniques in cooperation with telecom providers.
This latest warning comes a year after WhatsApp alerted around 90 users that they had been targeted by spyware developed by Paragon Solutions. That case involved journalists and activists and triggered a major political and legal debate in Italy.
Growing concerns over digital surveillance
The renewed allegations highlight ongoing concerns about the proliferation of commercial spyware and its use in monitoring individuals.
Privacy advocates argue that such tools, while sometimes used for law enforcement purposes, can pose serious risks when deployed without sufficient oversight or safeguards.
WhatsApp said it would continue to monitor threats and strengthen protections to prevent similar attacks, while urging users to download applications only from official sources and remain vigilant against suspicious links.
By Faig Mahmudov
Similar news
