- Spyware maker sio suspected of being behind “Spyrtacus”, a new unlike software
- It has already been found on Google Play but now largely on phishing websites
- A convincing paper trail connects Spyrtacus to Sio and a subsidiary
At least three Android applications have been identified as spy software, and researchers think that the developer SIO, who sells his products to the Italian government, is responsible.
At the end of 2024, an anonymous security researcher raised his concerns about applications with Techcrunch, who then transmitted concerns to Google and the cybersecurity company; This confirmed the applications in question, which claims to be popular applications like WhatsApp and support services for telephone operators, were spy software.
Lookout identified spy software as “Spyrtacus”, in reference to the malware itself found in the code. At the same time and a second cybersecurity company that asked not to be named has noted that Spyrtacus could steal texts, cats, calls and contacts, as well as to record the ambient audio and imagery directly to Starting from the microphones and cameras of a device.
SIO’s Spyrtacus Spyrtacus Spyware
The connection of SIO to Spyrtacus is a convoluted paper path, but it can be done. By researchers Techcrunch According to him, a certain number of command and control servers (C2) were linked to the old asigrant startup, now a known subsidiary of SIO which is directly involved in the production of “computer listening” software ” (PDF, originally in Italian). The Academy of Legal Interception of Italy, which issues certifications of compliance with Spy Software Developers, lists SIO as a certificate holder for a product, SioAgent, which has asiginated.
Finally, the CEO of Asigint, Michele Fiorentino, confirmed on Linkedin that he worked on “Spyrtacus Project” in another company linked to SIO C2 servers, Dataforsense.
Kristina Balaam, researcher at Lookout, found 13 Spyrtacus samples in total which dated 2019 to October 2024. However, Ed Fernandez, spokesperson for Google, was convinced that “no application containing this malware [can currently be] Found on Google Play ”, and confirmed that its App Store had protection against Spyrtacus in place since 2022.
It may not have done much to slow down the operation; Kaspersky, an antivirus software company with its own share of controversy on confidentiality problems, found in a 2024 report that the distribution of Spyrtacus had largely changed Google Play games to false but convincing imitations of Italian websites Internet service providers (ISP).
The Italian government already has a painful form to allow manufacturers of spy software; In February 2025, the Israeli developer of spy software Paragon Solutions canceled his own contract with the Italian government after being surprised violating the “ethical framework” which is established by encroaching on the privacy of seven Italian citizens and several others across Europe.
It becomes more troubled when Italian telephone operators have been actively found surveillance (originally in Italian) and being paid by the Italian Ministry of Justice for their services, and that says nothing of the previous two decades during which Spyware companies such as the hacking team, CY4GATE, RCS, RCS, the laboratory and the RAXIR called Italy at home.
