WhatsApp is sounding the alarm after spotting a targeted campaign around a fake version of its application. Around 200 users would have been affected, according to the company, which specifies that the majority of cases are in Italy. The scenario is quite simple: victims are encouraged to install an application presented as WhatsApp… but which is not one. Once in place, this hijacked version embeds spyware capable of accessing certain smartphone data.
A misleading, but effective imitation
« Our security team has identified around 200 users (…) who may have downloaded this unofficial and malicious client “, explains WhatsApp. As a precautionary measure, the affected accounts have been disconnected and users notified. The good news is that the official application is not at fault. WhatsApp insists: this is not an internal security breach. End-to-end encryption always works as expected. The problem only comes from downloading a fraudulent application outside the usual channels.
Behind this fake application, WhatsApp points the finger at an Italian company specializing in surveillance technologies, SIO, via its subsidiary Asigint. The Meta group announces that it wants to take legal action to stop these practices. This type of case is not new. Already last year, WhatsApp had alerted several dozen people, including journalists and activists, targeted by another spyware developed by a different company. The affair caused a stir and led to terminations of contracts with Italian agencies.
The methods change little: rather than looking for a technical flaw, attackers work on user confidence. A link, an apparently official application, and that’s it. WhatsApp takes the opportunity to remind you of a simple but essential rule: always go through official stores to download your applications. “ We strongly encourage users to remove any unofficial applications », Underlines the company.
This type of attack is based on a fairly basic, but extremely effective, principle: making users do themselves what a hacker cannot always do remotely. Installing malware then becomes unintentional… but the consequences can be catastrophic. Unsurprisingly, the messaging service promises to remain vigilant and continue to act against spyware actors. For his part, the user does not have much room for maneuver, other than adopting good reflexes.
🟣 To not miss any news on the WorldOfSoftware, follow us on Google and on our WhatsApp channel. And if you love us, .
