WhatsApp has revealed a targeted spyware campaign that tricked around 200 users into downloading a malicious version of its platform, raising fresh concerns over the growing sophistication of digital surveillance tools.
The messaging service, owned by Meta Platforms, said the attack involved impersonating WhatsApp through a fake application designed to infiltrate user devices and extract sensitive data.
According to the company, the campaign has been linked to an Italian surveillance firm known as SIO, whose cyber intelligence unit allegedly developed the spyware used in the operation.
Highly targeted social engineering attack
Unlike widespread cyberattacks, WhatsApp described this operation as “highly targeted”, with attackers focusing on a limited group of individuals rather than deploying malware at scale.
Victims were reportedly deceived into installing the fake app, believing it to be a legitimate version of WhatsApp. Once installed, the spyware enabled unauthorised access to user data and activity, highlighting the effectiveness of social engineering tactics in bypassing conventional security measures.
Most of those targeted were believed to be based in Italy, although the company did not disclose identities or further details about the individuals affected.
Silence from authorities and company
The surveillance firm at the centre of the allegations did not respond to requests for comment. Italian authorities also declined to provide clarity, with the interior ministry referring queries to law enforcement agencies, which have yet to issue a public statement.
The lack of transparency has added to concerns over the accountability of private firms developing surveillance technologies for government clients.
Growing scrutiny of spyware industry
This marks the second time in recent months that spyware activity linked to Italy has been disrupted, underscoring a broader pattern in the global surveillance landscape.
The incident is likely to intensify scrutiny of commercial spyware vendors, many of which operate in a legal grey area while supplying tools to governments and law enforcement agencies.
Rising risks for users
Security experts warn that attacks involving fake apps are becoming increasingly difficult to detect, particularly as they mimic trusted platforms with high accuracy.
The case also reinforces the need for users to download apps only from official sources and remain cautious of unsolicited links or installation prompts.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
