GoKawiilItaly’s Agenzia Nazionale Stampa Associata (ANSA) reports that Meta has issued an alert to approximately 200 users who were tricked into downloading a fake version of WhatsApp. Here are the details.
According to the report, Meta issued an alert to approximately 200 iPhone and Android users, most of them Italians, who were victims of a social engineering attack that tricked them into installing a malicious fake version of WhatsApp.
WhatsApp told ANSA:
“Our security team identified around 200 users, most of them in Italy, who we believe may have downloaded this unofficial and malicious client. We logged them out and warned them about the privacy and security risks. […] We believe this was a social engineering attempt targeting a limited number of users, aimed at convincing them to install malicious software that mimicked WhatsApp, likely to gain access to their devices.”
WhatsApp also confirmed it took action against Italian spyware firm Asigint, which is controlled by Sio Spa and is believed to be behind the attack.
There are currently no details about the identities of the victims, nor what data (if any) may have been accessed. WhatsApp says users were logged out of their accounts when the malicious app was discovered, and they also received the following alert (via TechCrunch):
It is also unclear what method was used to trick the users into installing the fake version of WhatsApp. According to la Repubblica, the distribution of the app happened “not through official channels such as the Google Play Store or Apple’s App Store, but through less controlled third party channels”
La Repubblica does not specify what those “third-party channels” were, making it impossible to determine whether this relied on older techniques such as certificate-based installs, or on newer sideloading possibilities introduced as a result of the DMA.
Finally, WhatsApp emphasized that this did not involve a vulnerability in its platform, but rather the use of an unofficial WhatsApp client.
Worth checking out on Amazon