Meta has alerted a small group of iPhone users that they installed a spyware‑laced version of WhatsApp instead of the official app.

The company found that the fake WhatsApp originated from an Italian spyware vendor, Asigint, an SIO subsidiary.

Asigint’s campaign reportedly targeted about 200 people, mostly in Italy. Meta says the fake client did not come from the App Store but from third‑party channels that lacked security guardrails, allowing attackers to persuade victims to download what they believed was a legitimate or special build of WhatsApp.

Meta says it has forcibly logged affected users out of their WhatsApp accounts and issued in‑app warnings.

The company emphasizes that attackers did not exploit any flaw in the real WhatsApp app. Instead, they tricked people into installing a fake version via social engineering.

Meta has described Asigint as a surveillance company that sells tools to monitor targeted technology users, adding that it has taken action against the firm.

Industry reports indicate that mercenary spyware often attempts to steal victims’ messages, microphone recordings, location data, and files after infecting a device, but WhatsApp and Meta have not publicly listed the exact spying functions identified in this case.

As always, smartphone and tablet users are encouraged to only download WhatsApp—or any other mainstream app, for that matter—from either the Apple App Store or Google Play Store.

By Mary Munywoki