Fake WhatsApp App Discovered by Italian Spyware Vendor Targeting Users
April 02, 2026
WhatsApp Takes Action Against Asigint Spyware Firm
Recently, WhatsApp identified a malicious fake version of its application that targeted approximately 200 users, primarily in Italy. This fake app was developed by Asigint, an Italian subsidiary of SIO Spa, a known supplier of surveillance tools for law enforcement and intelligence agencies. The unofficial client was found to contain spyware, raising serious privacy concerns.
Security Measures Implemented by WhatsApp
Upon discovery, WhatsAppโs security team logged out the affected users and notified them of potential risks related to their privacy and security. The platform emphasized the importance of removing the counterfeit app and reinstalling the official one, affirming that there was no vulnerability in WhatsAppโs legitimate version, which maintains end-to-end encryption.
Social Engineering Tactics Used by Attackers
The malicious actors employed social engineering techniques to trick users into downloading the harmful app, which was not available through legitimate channels such as the Apple App Store or Google Play. This approach indicates a targeted campaign aimed at a select group of users rather than a widespread distribution.
Background of SIO Spa and Its Spyware Development
Asigint, part of SIO, has an established history in creating government-grade spyware. A report from 2025 linked SIO to a series of malicious Android applications known as Spyrtacus. These apps disguised themselves as popular platforms, including WhatsApp, allowing attackers to extract sensitive information like call logs and messages while also enabling unauthorized monitoring via device cameras and microphones.
Legal Actions and User Safety Initiatives
A WhatsApp spokesperson confirmed the companyโs intention to send a formal legal notice to Asigint, demanding an end to its harmful activities. This legal action is a crucial step in ensuring accountability for spyware developers and serving as a deterrent against future attacks. WhatsAppโs commitment to user safety is reflected in its proactive measures and previous legal successes against commercial spyware firms.
Implications of the Fake WhatsApp Campaign
The incident highlights a growing trend in digital surveillance, where fake applications serve as tools for espionage. Cybersecurity specialists have indicated that such tactics are increasingly common in operations targeting individuals for intelligence purposes. The sophistication of these social engineering techniques illustrates how attackers exploit the trust in well-known software to access sensitive information.
Conclusion: Raising Awareness and Timely Action
This case serves as an important reminder of the ongoing battle between privacy-centric companies and surveillance-driven entities. Although WhatsAppโs end-to-end encryption protects user communications, attackers will continue to seek new methods and tools, such as counterfeit applications, to circumvent security measures. Vigilance and user education are critical for mitigating these evolving threats. Users must ensure they download applications from trusted sources and remain alert to any unusual requests during installation.
Follow me on Twitter: @securityaffairs, Facebook, and Mastodon.
Pierluigi Paganini
(SecurityAffairs โ Hacking, WhatsApp)
Fake WhatsApp App Uncovered: 200 Users Targeted by Italian Spyware Vendor
Pierluigi Paganini April 02, 2026
Malicious Version Targeting Users
In a significant security breach, a fraudulent version of WhatsApp was discovered, primarily affecting around 200 users in Italy. The fake app, laden with spyware, was traced back to the Italian firm Asigint, which operates under the larger umbrella of SIO Spa, known for its surveillance technology tailored for governmental use.
WhatsApp Steps In
WhatsApp promptly identified the threat and acted to protect its users by logging them out of the malicious app. โThis was a calculated social engineering attempt aimed at tricking individuals into downloading harmful software that masquerades as our official app,โ the company stated in its precautions and user advisories.
Preventive Measures and User Notifications
Affected users were swiftly informed about the security risks and were advised to uninstall the fake application and revert to the legitimate version of WhatsApp. Notably, the attack exploited usersโ trust, as the unauthorized app was not listed on major official app stores like Google Play or the Apple App Store.
Understanding the Attack Methodology
WhatsAppโs investigation revealed that the attackers employed sophisticated social engineering tactics to capitalize on user confidence in popular applications. This targeted approach, rather than a mass distribution strategy, suggests a deeper intention behind the operation, possibly linked to larger espionage activities.
The Role of SIO Spa in Cybersecurity
SIO Spaโs Asigint has a notorious reputation in developing high-grade spyware tools. Reports from reliable sources indicated that the firm was involved in creating harmful applications, such as those under the code name Spyrtacus, which posed security threats through deceptive disguises.
Legal Actions Underway
WhatsApp has announced plans to send formal legal notices to Asigint, demanding the cessation of all malicious dealings. This step emphasizes the necessity of holding spyware vendors accountable as an integral measure in safeguarding user privacy against such digital infringements.
Staying Vigilant Against Digital Threats
This incident serves as a crucial reminder about the escalating challenges in digital security practices globally. Users are encouraged to remain diligent by only downloading trusted apps while being wary of suspicious downloads, particularly concerning messaging and financial applications.
Concluding Thoughts on Digital Safety
The recent WhatsApp incident illustrates an ongoing battle between privacy-centric platforms and surveillance-oriented actors. While legitimate services offer robust encryption to protect user communications, attackers will continually seek novel tactics to breach these safeguards. Enhanced awareness, legal measures, and user education stand as the most effective strategies against these evolving risks.
Connect with the author on social media: @securityaffairs, Facebook, and Mastodon.
Pierluigi Paganini
(Source: SecurityAffairs โ Hacking, WhatsApp)
This HTML format optimally structures the article with relevant headings, engaging content, and essential keywords, all while maintaining a clear narrative flow.
