Cybersecurity researchers from Lookout have discovered a spyware called Spyrtacus, which disguises itself as a WhatsApp clone. While initially targeting Italian users, there are growing concerns that similar tactics could be employed against users in India, given the widespread adoption of WhatsApp in the country.
Spyrtacus: A Growing Threat to Digital Security
Spyrtacus was first reported by TechCrunch and later analyzed by Lookout. Unlike traditional malware that exploits software vulnerabilities, Spyrtacus relies on social engineering. Users are tricked into downloading the fake app through fraudulent websites that resemble legitimate telecom providers. Given India’s massive mobile user base, similar tactics could target Airtel, Jio, Vi (Vodafone Idea), and BSNL users.
How Spyrtacus Compromises Devices
Once installed, Spyrtacus gains access to:
- SMS messages and chats from WhatsApp, Signal, and Messenger.
- Call logs and live call recordings.
- Ambient audio and images via the device’s microphone and camera.
While primarily affecting Android users, researchers believe versions for Windows, iOS, and macOS are under development. This raises alarms for Indian users, given the increasing use of cross-platform devices in both professional and personal spaces.
Is Government Surveillance Involved?
While there is no direct evidence linking Spyrtacus to the Indian government, past incidents indicate spyware tools being used for surveillance purposes. Similar cases, such as the Pegasus spyware scandal, highlight the risk of government agencies leveraging malware for monitoring journalists, activists, and opposition figures.
The spyware’s language settings, targeting patterns, and connections to surveillance firms suggest possible state-backed involvement in Italy. If such tactics are replicated in India, it could lead to serious privacy concerns for individuals and organizations alike.
Google’s Response and Historical Context
Google has confirmed that Spyrtacus is not available on the Play Store. However, past variants were found on Google Play in 2018 before attackers shifted to spreading the malware through malicious websites. Since 2019, Lookout has identified 13 different versions, with the latest detected in October 2024.
What This Means for Indian WhatsApp Users
WhatsApp users in India have previously been targeted by spyware. Earlier in 2024, WhatsApp issued alerts to journalists and civil society members in the country about potential spyware attacks. This raises the concern that Spyrtacus or similar threats could be used for surveillance in India.
How to Stay Protected
To safeguard against spyware like Spyrtacus, Indian users should:
- Only download apps from official sources like the Google Play Store or Apple App Store.
- Avoid clicking on suspicious links from unknown sources, especially those claiming to offer exclusive WhatsApp features.
- Keep software updated to patch vulnerabilities exploited by spyware.
- Use security tools such as anti-malware software to detect suspicious applications.
The Future of Cybersecurity in India
As spyware tactics evolve, Indian users must remain vigilant. The responsibility falls on tech companies, regulatory bodies, and individuals to enhance digital security. The pressing questions remain: Will Indian authorities take proactive measures to counter such spyware? And how can individuals strengthen their digital defenses in an increasingly interconnected world?
As a young independent media outlet, EOTO.tech needs your support. Follow us and add us to your favorites on Google News. Thank you!
