Italy’s Agenzia Nazionale Stampa Associata (ANSA) reports that Meta has sent out warnings to around 200 users who were deceived into downloading a counterfeit version of WhatsApp. Here are the specifics.
As per the report, Meta alerted about 200 iPhone and Android users, the majority of whom are Italians, who fell victim to a social engineering scheme that led them to install a harmful fake version of WhatsApp.
WhatsApp stated to ANSA:
“Our security team detected approximately 200 users, mainly located in Italy, who we suspect might have downloaded this unofficial and malicious client. We have logged them out and cautioned them regarding the privacy and security hazards. […] We believe this was an attempt at social engineering aimed at a select group of users, intended to persuade them to install harmful software that imitated WhatsApp, likely to obtain access to their devices.”
WhatsApp further confirmed it has taken action against the Italian spyware company Asigint, which is governed by Sio Spa and is thought to be responsible for the attack.
Currently, there are no details regarding the identities of the victims or any data (if any) that might have been compromised. WhatsApp reported that users were logged out of their accounts once the malicious application was identified, and they were also notified.
It remains uncertain how the users were deceived into installing the fraudulent version of WhatsApp. According to la Repubblica, the app’s distribution occurred “not via official sources such as the Google Play Store or Apple’s App Store, but through less regulated third-party channels.”
La Repubblica does not detail what those “third-party channels” were, making it impossible to ascertain whether this utilized older methods such as certificate-based installations or newer sideloading options introduced due to the DMA.
In conclusion, WhatsApp stressed that this was not linked to a vulnerability within its platform, but rather involved the utilization of an unofficial WhatsApp client.