Meta’s communication platform, WhatsApp, has issued a warning to approximately 200 individuals who unknowingly installed a counterfeit iOS application embedded with spyware. Most of those affected reside in Italy, as reported by Italian media sources La Repubblica and ANSA. The perpetrators employed social engineering techniques to persuade users into downloading a malicious app designed to resemble WhatsApp.
WhatsApp’s Response to the Threat
All impacted users have been logged out of their accounts and advised to remove the infected applications. They are urged to download the legitimate version of WhatsApp from authorized sources. The company has not disclosed the identities of those targeted in this cyber attack. Furthermore, WhatsApp is pursuing legal actions against Asigint, an Italian subsidiary of the spyware enterprise SIO, which is accused of developing the fake WhatsApp app.
Asigint markets its products as tools for law enforcement and intelligence operations, offering solutions for monitoring and intelligence gathering. This recent incident follows a series of similar spyware-related threats, drawing attention to the growing risks of surveillance technology misuse.
Historical Context of Spyware Activities
Previously, SIO was implicated in deploying malicious Android apps that posed as WhatsApp and other popular applications, as reported by TechCrunch in December 2025. These apps, which belonged to the Spyrtacus spyware family, were used to extract sensitive information from devices, allegedly targeting unknown individuals in Italy for a government client.
Italy is home to several companies specializing in surveillance tools, including Cy4Gate, eSurv, and RCS Lab, earning it the reputation of a “spyware hub.” This situation is part of a broader European context, where countries like Greece and Spain have faced similar controversies involving spyware technology.
European Spyware Scandals
Greece recently witnessed legal proceedings against Tal Dilian, founder of the Intellexa Consortium, and his colleagues for their involvement in unauthorized spyware activities targeting high-profile individuals. This case, known as Predatorgate, led to a European Parliament investigation and brought significant scrutiny to the use of surveillance tools.
Similarly, Spain’s judicial system closed an investigation into the use of NSO Group’s Pegasus spyware, which had been deployed against Spanish political figures. The inquiry stalled due to non-cooperation from Israeli authorities. Both Intellexa and NSO Group assert that their technologies are sold exclusively to governments for combating serious crimes and enhancing national security.
As spyware incidents continue to emerge across Europe, the need for transparency and accountability in the deployment of surveillance technologies remains a pressing concern. These developments highlight ongoing debates about privacy and security in the digital age.
