In December 2025, TechCrunch reported that SIO was behind a set of malicious Android apps that masqueraded as WhatsApp and other popular apps but stole private data from a target’s device using a spyware family called Spyrtacus. The apps are believed to have been used by a government customer to target unknown victims in Italy.

SIO is one of the many Italian companies selling surveillance tools, including Cy4Gate, eSurv, GR Sistemi, Negg, Raxir, and RCS Lab, turning the country into a “spyware hub.”

Early last year, WhatsApp alerted around 90 users that they were targeted with Paragon Solutions’ spyware known as Graphite. Then, in August 2025, it notified less than 200 users who may have been targeted as part of a sophisticated campaign by chaining together zero-day vulnerabilities in iOS and the messaging app.