Log In Get Started
Stock Markets April 1, 2026

WhatsApp Says Italian Surveillance Unit Used Fake App to Spy on About 200 Users

Meta-owned messaging service reports targeted campaign by ASIGINT, a subsidiary of northern Italy firm SIO

By Avery Klein
WhatsApp Says Italian Surveillance Unit Used Fake App to Spy on About 200 Users

WhatsApp reported that ASIGINT, a subsidiary of Italian company SIO, deceived roughly 200 people into installing a counterfeit version of WhatsApp that functioned as spyware. The company said the operation was highly targeted, affected users were primarily in Italy, and that SIO and Italian authorities did not respond to inquiries. The incident follows an earlier spyware controversy in Italy exposed in early 2025.

Key Points

  • WhatsApp said ASIGINT, a subsidiary of northern Italy-based SIO, deceived around 200 users into installing a fake WhatsApp app that acted as spyware.
  • The company described the operation as "highly targeted" and said the affected users were "primarily" located in Italy, without providing further identifying details.
  • SIO advertises partnerships with law enforcement and government bodies; SIO and Italian authorities did not respond to requests for comment.

Summary: WhatsApp said on Wednesday that an Italian surveillance firm tricked about 200 people into installing a malicious program that mimicked its messaging application in order to surveil targets. The messaging platform, which is owned by Meta Platforms, attributed the operation to ASIGINT, a unit of SIO based in northern Italy.

In its disclosure, WhatsApp described the episode as "highly targeted," saying the perpetrators used deception to convince victims to download "malicious software that impersonated WhatsApp." The company added that the affected accounts were "primarily" located in Italy but did not provide further identifying details about who the victims were.

SIO's public website describes the firm as offering "high-performance, field-proven cyber intelligence solutions and technology." It also states that SIO partners with "Law Enforcement Agencies, Government Organizations, Police and Intelligence Agencies." WhatsApp said the operation was conducted by ASIGINT, which it identified as a subsidiary of SIO.

Requests for comment to SIO went unanswered. Italy's interior ministry referred questions to police, and police likewise did not reply to inquiries, according to WhatsApp's statement.

This development marks the second time in 15 months that Meta has publicly called out spyware activity tied to Italy. The company noted the country is still grappling with fallout from a surveillance campaign exposed in early 2025 that involved spyware produced by a U.S.-owned firm called Paragon. WhatsApp said that, subsequent to that exposure, Italy and Paragon ended their relationship.

Details of the disclosure

WhatsApp provided limited public detail beyond attributing the campaign to ASIGINT and describing the method used to deploy the spyware: a fraudulent WhatsApp application designed to impersonate the legitimate service. The messaging platform emphasized the targeted nature of the operation but declined to name specific victims or offer technical indicators in its announcement.

Responses from parties involved

SIO did not respond to requests for comment. Italy's interior ministry redirected questions to national police, and authorities did not respond publicly to WhatsApp's inquiries, according to the company's report.

Context

WhatsApp's statement ties into a broader sequence of disclosed surveillance activity in Italy, including the earlier operation linked to Paragon in early 2025. That prior episode prompted the end of the relationship between Italy and Paragon, a development referenced by WhatsApp in its announcement.

Because WhatsApp's disclosure contains limited detail about the identities of affected users and the technical specifics of the malicious software, several questions remain open about the full scope and mechanics of the campaign.

Risks

  • Limited public technical detail - the lack of specifics about how the malicious software operated leaves uncertainty for cybersecurity assessments (impacts cybersecurity and technology sectors).
  • Unidentified victims - WhatsApp did not disclose who the affected users were, which creates risks for privacy and for organizations assessing potential exposure (impacts privacy, communications, and public-sector stakeholders).
  • Potential reputational and regulatory consequences - continued revelations of spyware activity in Italy could sustain scrutiny of surveillance vendors and government procurement practices (impacts defense, government contracting, and cybersecurity markets).

More from Stock Markets

Mexican equities climb as S&P/BMV IPC gains 1.59% at close Apr 1, 2026 Boeing Awarded $900 Million IDIQ Contract to Sustain T-38 Avionics Apr 1, 2026 Colombian equities slip as Financials, Investment and Public Services lead declines Apr 1, 2026 MOEX Russia Index Inches Up as Mining, Power and Manufacturing Stocks Advance Apr 1, 2026 Supreme Court Grapples with Wide-Ranging Legal Challenges to President Trump's Policies Apr 1, 2026