Fake WhatsApp spyware alert

WhatsApp’s security team identified about 200 users who had downloaded the malicious unofficial client and proactively logged those accounts out to limit access. (techcrunch.com) Meta attributed the counterfeit client to Italian surveillance firm SIO and its subsidiary ASIGINT, naming the developer group behind the build. (gadgets360.com) SIO has previously been linked to a family of malicious Android apps containing spyware researchers labeled “Spyrtacus,” a pattern TechCrunch traced back to last year. (techcrunch.com) WhatsApp says the campaign used an unofficial iOS client distributed via social‑engineering sideload links rather than exploiting a vulnerability in the official app, and the company urged affected users to remove the fake client and reinstall WhatsApp from vetted stores. (gadgets360.com) WhatsApp told TechCrunch it will send a formal legal demand to SIO and has disconnected the affected accounts while alerting potentially impacted users; Apple and SIO did not respond to requests for comment. (techcrunch.com) The disclosure follows a January 2025 episode in which WhatsApp said roughly 90 users were targeted with spyware attributed to Paragon Solutions, an incident that prompted Paragon to sever contracts with Italian agencies. (techcrunch.com (techcrunch.com)