Did you know Advanced Spyware Found Masquerading as Popular Apps to Secretly Harvest User Data

 

Top spyware maker SIO which is based in Italy has been accused of masquerading behind popular platforms such as WhatsApp to steal private data from targeted devices.

The news was confirmed by TechCrunch who mentioned how SIO is famous for selling products to leading clients in the government so this behavior was astonishing. It was stealing private data without victims knowing. They were most likely government spyware present in Italy against certain victims. As per TechCrunch, Google and different mobile security companies like Lookout were designed to analyze those apps. They confirmed from the findings that they were indeed spyware.

The alarming discovery means government spyware is not limited to a single category but is very diverse. Not only are there many companies creating spyware but they’re using the most advanced techniques to target others. In recent times, we’ve seen countries like Italy get embroiled in various scandals that entailed the use of spying tools made by Paragon which is Israeli in origin.

That company could target users on WhatsApp with ease and steal their information from devices that were under the ownership of journalists and other media personnel. Other victims targeted included NGO founders who assisted with migrant rescue missions inside the Mediterranean.

In cases of malicious app samples shared with tech news outlet TechCrunch, the spyware maker and the government client used sophisticated hacking methods. They would produce and distribute malicious platforms belonging to Android that act like popular apps including WhatsApp and client support tools provided by cellphone companies.

This is why security searchers are concluding that the spyware is dubbed Spartacus and it’s a serious malware. It entails all the hallmarks of government spyware including stealing messages and chats through Facebook Messenger and WhatsApp for purposes like surveillance.

All samples shared were created by SIO which is known for selling spyware to the government of Italy. So far, the government of Italy has not commented on the controversial issue but it’s very alarming if that’s the case.

SIO also failed to reply on the matter despite several attempts to get in touch. What we know is that the oldest sample featuring malware was detected in 2019 and the latest one dates to October of last year.

One researcher found how the company witnessed 13 different samples across the wild. So far, Google has confirmed that no infected apps were found on the Google Play Store related to this detection. They’ve also shared how Android enabled protection for it since the start of 2022.

A report shared in 2024 by Kaspersky mentioned how those behind the Spartacus started to distribute the malware via apps inside Google Play in the year 2018. In the year after that, they made the switch to hosting apps on dangerous pages to appear that they belonged to some of the Italian government’s leading internet providers.