- Attackers can monitor phones silently using only the victim’s phone number
- Probing significantly increases battery drain during continuous delivery receipt exploitation
- Continuous tracking consumes mobile data and interferes with heavy applications
Security researchers have disclosed a tracking technique dubbed “Silent Whisper” that exploits how popular messaging apps handle delivery acknowledgments.
The method targets WhatsApp and Signal by abusing low-level message receipts that are automatically exchanged whenever an app processes incoming network traffic.
By knowing only a phone number, an attacker can repeatedly probe a device without sending visible messages or triggering notifications.
Impact on battery life and data usage
Silent Whisper operates below the user interface, making detection unlikely during normal phone use.
Tests on multiple smartphones showed unusually high battery consumption during probing activity.
Under normal conditions, idle phones typically lose less than 1% battery per hour.
During testing, an iPhone 13 Pro lost 14% per hour, an iPhone 11 lost 18% per hour, and a Samsung Galaxy S23 lost 15% per hour.
Applying the same approach to Signal resulted in only 1% battery loss per hour due to stricter rate limiting.
Continuous probing also consumes mobile data and disrupts bandwidth-heavy applications such as video calls.
The tracking method relies on measuring round-trip times for delivery receipts.
These response times vary depending on whether a phone is active, idle, offline, connected to WiFi, or using mobile data.
Stable and fast responses can suggest that a device is actively used at home, while slower or inconsistent timings may indicate movement or weaker connectivity.
Over extended periods, these patterns can reveal daily routines, sleep schedules, and travel behavior without accessing message content or contact lists.
Although academic research described the vulnerability previously, a publicly available proof-of-concept tool has now demonstrated its practicality.
The tool allows probes at intervals as short as 50ms, enabling detailed observation without alerting the target.
The developer warns against misuse and emphasizes research intent, yet the software remains accessible to anyone.
This raises concerns about widespread abuse, especially since the vulnerability remains exploitable as of December 2025.
Disabling read receipts reduces exposure for standard messages but does not fully block this technique.
WhatsApp offers an option to block high-volume messages from unknown accounts, although the platform does not define enforcement thresholds.
Signal provides additional controls, yet researchers confirmed that probing remains possible.
Traditional antivirus software does not detect protocol-level misuse.
Services marketed for identity theft protection or malware removal offer limited value when no malware is installed on the device.
This risk is less about data theft and more about persistent behavioral monitoring that users cannot easily observe or verify.
Via Cybernews
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/qjvgLwMCbh6SLCozPozNSj-2560-80.jpg
Source link
