WhatsApp has alerted hundreds of users after uncovering a covert spyware campaign that disguised itself as a legitimate version of its messaging app.
The company said around 200 users were tricked into downloading a counterfeit WhatsApp application that was, in reality, a sophisticated piece of government-grade spyware. The campaign primarily targeted iPhone users, with many of the victims believed to be based in Italy.
According to WhatsApp, the malicious app was developed by SIO, an Italian surveillance technology firm that builds tools for law enforcement and intelligence agencies. Distributed outside official app stores, the fake software mimicked WhatsApp’s interface closely enough to deceive users into installing it, granting attackers deep access to personal data.
Once installed, the spyware could monitor communications, harvest sensitive information and potentially track user activity without detection. WhatsApp said it proactively identified affected accounts, logged users out, and issued direct warnings urging them to delete the app and reinstall the official version.
The company has also taken legal action, sending a formal demand to the spyware maker to halt its activities. While SIO has not publicly responded, the incident raises fresh concerns about the expanding commercial spyware industry and its ties to state actors.
What makes this episode particularly significant is how the attack was delivered. Rather than exploiting a technical flaw in WhatsApp itself, the campaign relied on social engineering — convincing users to install a fake app that looked legitimate. This method bypasses many traditional security safeguards and highlights a shift toward more deceptive, user-targeted tactics.
It is not the first time WhatsApp users have been caught in the crosshairs of surveillance tools. In 2025, the company notified dozens of journalists and civil society actors that they had been targeted by spyware linked to another firm, underscoring a pattern of increasingly frequent attacks on its global user base.
With more than three billion users worldwide, WhatsApp has become a prime target for spyware developers seeking access to private communications at scale. The platform’s end-to-end encryption protects messages in transit, but incidents like this demonstrate that attackers are increasingly focusing on compromising devices themselves rather than breaking encryption.
Security experts say the case reflects a broader evolution in cyber threats, where advanced surveillance tools once reserved for high-level intelligence operations are now being deployed more widely, often through seemingly harmless apps.
For users, the lesson is clear. Even the most trusted platforms can be undermined if software is installed from unofficial sources. As spyware grows more sophisticated, the weakest link is often no longer the technology, but the trust users place in what appears familiar.
Get the latest new and insights that are shaping the world. Subscribe to Impact Newswire to stay informed and be part of the global conversation.
Got a story to share? Pitch it to us at info@impactnews-wire.com and reach the right audience worldwide
Emmanuel Abara Benson is a business journalist and editor covering artificial intelligence, global markets, and emerging technology.
He has previously worked with Business Insider Africa and Nairametrics, reporting on finance, startups, and innovation.
His work focuses on AI, digital economy, and global tech trends.
Discover more from Impact Newswire
Subscribe to get the latest posts sent to your email.
