The platform, owned by Meta, disclosed that about 200 users were directly notified after being identified as potential targets of the operation. The attack centered on a malicious app engineered to closely replicate WhatsApp’s official interface, allowing attackers to gain access to victims’ devices and potentially extract sensitive personal information.
WhatsApp said the fake application was not distributed through authorized app stores but instead spread via unofficial channels. These methods reportedly exploited techniques designed to bypass standard smartphone security protections, increasing the likelihood of successful infiltration.
Early assessments indicate the campaign was highly targeted, with most victims located in Italy. The company linked the activity to an Italian surveillance technology firm, highlighting broader concerns about the misuse of commercial spyware by both private organizations and entities with possible state affiliations.
In response, WhatsApp has taken steps to contain the threat and is working closely with platform providers to curb further distribution of the malicious software. Users have also been advised to download applications only from trusted sources and remain cautious of unsolicited links or prompts encouraging external installations.
The development marks the latest in a series of increasingly sophisticated cyberattacks targeting messaging services, underscoring the evolving risks to user privacy and digital security worldwide.