Approximately 200 WhatsApp users in Italy were recently warned by Meta about a spyware attack targeting their devices. This was not through official app stores but a deceptive version of the app spread through social engineering methods.
Spyware Distribution Tactics
The malicious application was crafted to closely resemble the official WhatsApp app, enticing users to download it as an update or exclusive version. However, this clone was a Trojan horse, embedding high-level spyware.
The campaign was led by ASIGINT, a technology firm from Italy, associated with SIO Spa, known for surveillance technologies. ASIGINT promoted the spyware through unofficial means, bypassing the security of major app stores.
Implications of the Spyware
Termed “Spyrtacus,” the embedded malware allowed intruders to access private data on compromised devices, including text messages, call logs, and even audio and video recordings. This breach leveraged human psychology rather than exploiting software vulnerabilities.
Meta’s security team identified the affected users, mostly in Italy, and took action to disconnect their accounts from these unauthorized applications, safeguarding their data.
Preventive Measures and Company Response
Meta assured that no vulnerabilities in the official WhatsApp app were exploited, maintaining that its encryption remains secure. The company monitors for unauthorized access and advises affected users to uninstall the app and secure their devices.
Past incidents involving SIO Spa have shown similar tactics, with this attack representing a more sophisticated threat as it now targets both Android and iOS devices.
Users are urged to remove unofficial apps and conduct thorough security checks on their devices. A factory reset and reinstallation of WhatsApp from trusted sources are recommended to restore device security.
Stay updated on cybersecurity by following us on Google News, LinkedIn, and X.
