WhatsApp notified some 200 users who were victims of a scam by downloading a fake and malicious version of their messaging application, designed specifically to install spyware on iPhones.
According to a statement shared with TechCrunch, the company proactively identified those affected, primarily in Italyand proceeded to log out of their sessions, alert them to the security risks, and recommend immediate uninstallation of the fake app.
The Italian spyware maker SIO was identified as responsible for creating this unofficial version of WhatsApp. “Our security team proactively identified some 200 usersmainly in Italy, which we believe could have downloaded this malicious unofficial client,” WhatsApp explained.
“We have alerted them to the risks to their privacy and security that come with downloading fake unofficial clients and have recommended that they download the official application,” the statement continued.
WhatsApp actions and warnings
Margaret FranklinWhatsApp spokesperson, told the media that the company cannot reveal, for the moment, whether the affected people include journalists or members of civil society.
“Our priority has been to protect users who may have been tricked into downloading this fake iOS app,” Franklin said. Additionally, the company announced that it plans to “submit a formal legal demand to stop any such malicious activity by this spyware company.”
The case was initially reported by the Italian newspaper La Repubblica and the ANSA news agency, which warned about the spread of the fake application and WhatsApp’s immediate reaction to mitigate the impact.
SIO and the history of Spyrtacus spyware
Last year, a TechCrunch investigation had already linked SIO with the development of a series of malicious applications for Android. Among them, fake versions of WhatsApp and fake customer service tools for telephone operators were detected.
spywareidentified as Spyrtacus Due to its appearance in the code, it had previously been used in surveillance and espionage campaigns.
SIO develops spyware for government agencies through its subsidiary ASIGINT. In Italy, the use of fake apps as a surveillance tactic is common practice, often in collaboration with mobile phone providers, who send phishing links to users on behalf of law enforcement.
History of espionage and surveillance on WhatsApp
WhatsApp’s announcement comes a year after the company alerted some 90 users about an attack with spyware manufactured by the American-Israeli company Paragon Solutions. At the time, victims included journalists and pro-immigration activists, sparking a scandal that led Paragon to cut ties with Italian spy agencies that were its clients.
These episodes highlight a pattern of targeted attacks targeting people using fake apps or manipulated versions of popular services. The repetition of incidents in Italy suggests that these strategies enjoy some institutional tolerance and that they continue to represent a risk to privacy and digital security.
Recommendations to avoid falling into fraud
WhatsApp insists on the importance of downloading only official applications from verified stores and avoid installing unofficial clients or links received through untrustworthy channels. The victims may have been selected for their professional profile or social activity, although the company has not yet confirmed this information.
Apple and SIO did not respond to media queries about the incident. Meanwhile, WhatsApp continues to monitor the case and prepare legal actions to stop the activity of companies that manufacture and distribute this type of spyware.
The proliferation of fake apps and spyware highlights the need to strengthen digital educationas well as surveillance and judicial action against threats that affect the privacy of users on a global scale. The recommendation remains clear: always use the official application and remain alert for any suspicious activity on mobile devices.
