Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

WhatsApp Alerts 200 Users to Fake iOS App Spyware Incident; Italian Firm Faces Action


WhatsApp has alerted approximately 200 users who installed fake iOS apps that were infected with spyware, prompting an investigation by the company against the Italian firm behind the scam. This incident highlights the ongoing struggle against sophisticated cyber threats and the need for greater international cooperation to combat them.

  • Approximately 200 WhatsApp users in Italy were targeted by a bogus app that mimicked the popular messaging platform, allegedly created by Asigint, an Italian subsidiary of spyware company SIO.
  • The attackers used social engineering tactics to entice users into installing malicious software, which was later found to be linked to SIO's malicious Android apps masquerading as WhatsApp and other popular applications.
  • WhatsApp alerted its affected users, advising them to uninstall any malware-laced apps and download the official app, and also announced that it would take legal action against Asigint for allegedly creating a counterfeit version of WhatsApp.
  • The incident highlights concerns about Italy becoming a "spyware hub" with various Italian companies selling surveillance tools, including those used by SIO and Asigint.
  • The recent alert is not an isolated incident; WhatsApp had previously alerted users to a spyware attack in December 2025, linked to SIO's malicious Android apps masquerading as WhatsApp and other popular applications.



    • Meta-owned messaging platform WhatsApp recently alerted approximately 200 users who had inadvertently installed a bogus version of its iOS app that was infected with spyware. This incident highlights the ongoing struggle against sophisticated cyber threats, particularly those utilizing social engineering tactics to trick unsuspecting individuals into installing malicious software.

    The affected users, primarily located in Italy, are believed to have been targeted by Asigint, an Italian subsidiary of spyware company SIO, which has a history of creating counterfeit versions of popular apps. According to reports from the Italian newspaper La Repubblica and news agency ANSA, the threat actors behind this incident employed social engineering tactics to entice users into installing malicious software that mimicked WhatsApp.

    WhatsApp swiftly took action by alerting its affected users, advising them to uninstall any malware-laced apps and download the official app. The tech giant also announced that it would be taking legal action against Asigint for allegedly creating a counterfeit version of WhatsApp.

    Asigint's involvement in this incident is notable, given the company's reputation as a vendor of surveillance tools, including Cy4Gate, eSurv, GR Sistemi, Negg, Raxir, and RCS Lab. This has led to concerns about Italy becoming a "spyware hub," with various Italian companies selling such technology.

    The recent WhatsApp alert is not an isolated incident; the messaging platform had previously alerted users to a spyware attack in December 2025, which was linked to SIO's malicious Android apps masquerading as WhatsApp and other popular applications. These apps utilized a spyware family called Spyrtacus, which stole private data from target devices.

    This incident serves as a stark reminder of the risks associated with mobile security and the ever-evolving nature of cyber threats. The involvement of Asigint and SIO raises questions about the efficacy of current laws and regulations governing the use of surveillance tools, particularly in European countries like Italy and Greece.

    In January 2026, Spain's High Court closed its probe into the use of NSO Group's Pegasus to spy on Spanish politicians, citing a lack of cooperation from Israeli authorities. This case underscores the global scope of such threats and the need for greater international cooperation to combat them.

    The Italian government has taken steps to address these concerns, with a new law passed in 2022 that legalized government use of surveillance tools under strict conditions. However, Amnesty International has questioned the transparency of this arrangement, highlighting the importance of accountability and remedy for victims of human rights violations brought about by the unlawful use of such technology.

    The incident also brings attention to the role of AI in the development and deployment of spyware. Experts have long warned about the risks associated with AI-driven threats, which can be particularly challenging to detect and respond to. The development of sophisticated tools like Spyrtacus underscores the need for robust cybersecurity measures and proactive threat intelligence strategies.

    The recent WhatsApp incident serves as a stark reminder of the importance of vigilance in the face of emerging cyber threats. As the use of spyware continues to evolve, it is crucial that governments, organizations, and individuals remain vigilant and take proactive steps to protect themselves against such risks.

    In conclusion, the recent WhatsApp alert highlights the ongoing struggle against sophisticated cyber threats, particularly those utilizing social engineering tactics to trick unsuspecting individuals into installing malicious software. The involvement of Asigint and SIO underscores the need for greater international cooperation and robust cybersecurity measures to combat these threats.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/WhatsApp-Alerts-200-Users-to-Fake-iOS-App-Spyware-Incident-Italian-Firm-Faces-Action-ehn.shtml

  • https://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html

  • https://techcrunch.com/2026/04/01/whatsapp-notifies-hundreds-of-users-who-installed-a-fake-app-that-was-actually-government-spyware/

  • https://attack.mitre.org/versions/v16/software/S0507/

  • https://www.vice.com/en/article/government-spyware-firm-that-put-rogue-apps-on-play-store-goes-bankrupt/

  • https://www.vice.com/en/article/government-spyware-maker-doxes-itself-by-linking-to-its-site-in-malware-code/

  • https://negg.blog/en/malware-hidden-and-dangerous-cyber-threats/

  • https://thehackernews.com/2024/02/meta-warns-of-8-spyware-firms-targeting.html

  • https://www.vice.com/en/article/malware-hunters-catch-new-android-spyware-raxir/

  • https://www.reddit.com/r/razer/comments/112w4q8/do_not_download_razer_synapse_task_manager_its_a/

  • https://en.wikipedia.org/wiki/Hermit_(spyware)

  • https://www.lookout.com/threat-intelligence/article/hermit-spyware-discovery

  • https://techcrunch.com/2025/02/13/spyware-maker-caught-distributing-malicious-android-apps-for-years/

  • https://www.ibtimes.sg/whatsapp-busts-italian-spyware-firm-that-tricked-200-users-fake-app-84933

  • https://en.wikipedia.org/wiki/Pegasus_(spyware)

  • https://www.exploresec.com/pegasus-malware

  • https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/

  • https://cloud.google.com/security/resources/insights/apt-groups

  • https://attack.mitre.org/groups/

  • https://socradar.io/iran-israel-cyber-conflict-dashboard/


    • Published: Thu Apr 2 07:13:06 2026 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us