WhatsApp has issued a security warning after identifying a spyware campaign that tricked hundreds of users into downloading a fake version of its messaging app.
The Meta-owned platform alerted around 200 users who were targeted in the attack, which involved a counterfeit WhatsApp application embedded with spyware.
The malicious app designed to mimic the official WhatsApp interface, was used to infiltrate victims’ devices and potentially access sensitive personal data. The campaign is believed to have been highly targeted, with most affected users located in Italy.
WhatsApp said the spyware operation was linked to an Italian surveillance technology firm, highlighting growing concerns about the misuse of commercial spyware tools by both private entities and state-linked actors.
In a related advisory, the company warned that the fake app was not distributed through official app stores, but instead installed through unofficial channels likely using techniques that bypass standard security protections on smartphones.
The company has since moved to contain the threat and is working with platform providers to prevent further spread of the malicious software. It also urged users to only download apps from trusted sources like official app stores and to remain cautious of links or prompts encouraging external downloads.
This incident marks the latest in a series of spyware-related threats targeting messaging platforms which reveals the increasing sophistication of cyberattacks aimed at compromising user privacy and data security.
Join BusinessDay whatsapp Channel, to stay up to date
Open In Whatsapp
