Meta has informed around 200 iPhone and Android users that they had installed a manipulated version of WhatsApp. An Italian spyware company is believed to be behind the attack.
WhatsApp: What happened
Meta has identified approximately 200 users who fell victim to a targeted social engineering attack. The affected users – predominantly in Italy – were tricked into installing a fake version of WhatsApp that was not distributed through the App Store or Google Play, but rather through unspecified third-party channels.
The manipulated app mimicked the appearance of WhatsApp but apparently served to gain access to the victims' devices. Meta emphasized to the Italian news agency ANSA that this was not a security vulnerability in WhatsApp itself, but rather an externally orchestrated attack using an unofficial client.
Italian spyware company as originator
WhatsApp has confirmed that it has taken action against the Italian company Asigint, which is controlled by Sio Spa. Asigint is allegedly responsible for developing and distributing the malicious app. No public information is yet available regarding the exact identities of the victims or what data may have been compromised.
All affected users were automatically logged out of their WhatsApp accounts and received a warning highlighting the security and privacy risks. Meta urged those affected to reinstall WhatsApp exclusively through the official app stores.
Distribution channel remains unclear – DMA debate lingers
The question of how the fake app got onto the victims' devices is particularly crucial. The Italian newspaper La Repubblica only reports that it was distributed outside of official app stores. It remains unclear whether older methods such as certificate-based installations were used or whether the sideloading options permitted by the EU's Digital Markets Act (DMA) played a role.
This issue touches on an ongoing debate: Apple has repeatedly warned that forcibly opening iOS to alternative app marketplaces could compromise user security. Whether the current case is related to this cannot be confirmed based on the available information.
WhatsApp as a recurring destination
This incident is the latest in a series of security issues surrounding WhatsApp. Just at the beginning of the year, Meta introduced new anti-spyware features for WhatsApp, including stricter account settings designed to counteract targeted attacks. Furthermore, at the end of 2025, a vulnerability was discovered that had remained undetected for eight years and had potentially exposed billions of phone numbers.
This latest case demonstrates once again that social engineering – the targeted manipulation of people rather than exploiting technical vulnerabilities – remains one of the most effective attack methods. Anyone using WhatsApp should only download the app from the Apple App Store or Google Play Store and consistently ignore suspicious prompts to install alternative versions. (Image: Shutterstock / JarTee)
- Apple Sports is now showing all the Teams of the FIFA World Cup 2026
- iPad Air 3 lands on Apple's vintage list
- AirTag 2: Update improves stalking protection
- Tim Cook's memo on Apple's 50th birthday
- AirPods Max 2: Apple still sees potential in the H2 Chip
- Tim Cook in an interview: "It is definitely still his company"
- AirPods Max 2 available starting today
- Apple patches iOS 18 against DarkSword exploit
- Iran war threatens India's smartphone exports – Apple has the advantage
- MacBook sales in 2026: Apple defies the market slump
- ChatGPT in CarPlay: OpenAI brings AI chat to the car
- Apple declares three devices vintage and obsolete
- NASA Artemis II: Rocket launch is recorded immersively
- iOS 26.5 Beta 1: All new features at a glance
- AirPods Max 2: First Reviews at a glance
- Apple introduces privacy rules for third-party providers
- WhatsApp is testing a CarPlay app with a new interface
- Apple is testing a new audio feature for third-party providers
- Apple is preparing to introduce advertising in Maps with iOS 26.5
- iOS 26.5 opens the system to accessories in the EU
- iOS 26.5 introduces new Subscription features in the App Store
