WhatsApp says it has notified about 200 users who were tricked into installing a maliciously fake version of the chat app that contained spyware.
WhatsApp has accused Italian spyware maker SIO of creating a fake version of its iPhone messaging app, according to a statement the company shared with TechCrunch.
“Our security team has proactively identified approximately 200 users primarily in Italy who we believe may have downloaded this malicious unofficial client,” WhatsApp said in its statement. “We disconnected them, notified them [them] to the risks to their privacy and security of downloading fake unofficial clients and encouraged them to remove it and download the official WhatsApp app.”
WhatsApp spokeswoman Margarita Franklin told TechCrunch that, at this time, the company cannot share more information about the users it notified, such as whether they were journalists or members of civil society.
“Our priority has been to protect users who may have been tricked into downloading this fake iOS app,” Franklin said.
In its statement, WhatsApp also said it plans to “send a formal legal demand to stop any such malicious activity to this spyware company.”
Italian newspaper La Repubblica and news agency ANSA first reported the news.
Last year, TechCrunch revealed that SIO was behind a number of malicious Android apps that contained its spyware, including fake versions of WhatsApp, as well as fake customer support tools for mobile phone providers. The SIO spyware was identified by the name Spyrtacus, a word that appeared in the spyware’s code.
Contact us
Do you have more information about SIO or other spyware manufacturers? From a non-working device, Lorenzo Franceschi-Bicchierai can be reached securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or via email.
Using fake apps against surveillance targets is a well-established tactic used by authorities in Italy, who often work with mobile operators, who send phishing links to their customers on behalf of law enforcement.
SIO develops government spyware; through it subsidiary ASSIGNMENT.
Apple and SIO did not respond to a request for comment.
WhatsApp’s latest announcement comes a year after the company notified about 90 users that they had been targeted with spyware made by US-Israeli surveillance technology company Paragon Solutions. WhatsApp sent these notifications to journalists and pro-immigration activists, among others, sparking a widespread scandal across Italy.
In response, Paragon severed ties with Italy’s spy services, which were its clients.
