- The Spyware manufacturer Sio suspected to be behind ‘Spyrtacus’, a new spyware not so new
- He previously found on Google Play, but now largely on Phishing websites
- A convincing paper path links Spyrtacus back to Sio and a subsidiary
At least three Android applications have been identified as spy software, and researchers believe that the SIO developer, who sells his products to the Italian government, is responsible.
At the end of 2024, an anonymous security researcher raised his concerns about applications with TechCrunch, who later sent the concerns to Google and the cybersecurity firm Lookout; What confirmed the applications in question, which sought to be popular applications such as WhatsApp, and support services for telephone operators, were Spyware.
Lookout identified spyware as ‘Spyrtacus’, with reference to the malware found in the code. Both IT and a second cyber security firm who asked not to be named discovered that Spyrtacus could steal texts, chats, calls and contacts, as well as record environmental audio and images directly from the microphones and cameras of a device.
Sio’s Spyrtacus Spyware
Connecting sio to Spyrtacus is a path of convoluted paper, but it can be done. For researchers Techcrunch He spoke with a series of command and control servers (C2) were linked to the old Startup Assigint, now a known subsidiary of SIO that is directly involved in the production of “Inatratria Computer” software (PDF, originally in Italian). The Intercept Academia of Italy, which issues certifications of compliance with Spyware developers, lists SIO as a certification holder for a product, Sioagent, which has assign.
Finally, the CEO of Assigint, Michele Fiorentino, confirmed on LinkedIn that he worked at ‘Spyrtacus Project’ in another company linked to Sio C2 servers, DataForense.
Kristina Balaam, a lookout researcher, found 13 Spyrtacus samples in total dating from 2019 to October 2024. However, Ed Fernández, a Google spokesman, trusted that “there are no applications that contain this malware [can currently be] Found on Google Play, ”and confirmed that his App Store has had Spyrtacus protection instead since 2022.
This may not have done much to stop the operation; Kaspersky, an antivirus software company with its own amount of controversy about privacy concerns, which is in a 2024 report that the Spyrtacus distribution had largely changed Google Play to false but convincing imitations of the websites of the websites of Italian Internet Services Suppliers (ISP).
The Italian government already has a heartbreaking form to enable spyware manufacturers; In February 2025, the Israeli Spyware developer Paragon Solutions canceled his own contract with the Italian government after being caught violating the ‘ethical framework’ established in him invading the privacy of seven Italian citizens and several others throughout Europe.
It becomes darker when Italian telephone operators have actively found surveillance (originally in Italian) and the Italian Ministry of Justice for their services, and that says nothing from the previous two decades during which spy companies such as Hacking Team , Cy4Gate, RCS Lab and Raxir have called Italy Home.
