- Attackers can monitor phones silently using only the victim’s phone number
- Probing significantly increases battery drain during continuous use of delivery receipt
- Continuous tracking consumes mobile data and interferes with heavy applications
Security researchers have uncovered a tracking technique called “Silent Whisper” that exploits how popular messaging apps handle delivery confirmations.
The method targets WhatsApp and Signal by abusing low-level message receipts that are automatically exchanged when an app processes incoming network traffic.
By knowing only a phone number, an attacker can repeatedly probe a device without sending visible messages or triggering notifications.
Impact on battery life and data usage
Silent Whisper operates below the user interface, making detection unlikely during normal phone use.
Tests on several smartphones showed unusually high battery consumption during probing activity.
Under normal conditions, idle phones typically lose less than 1% battery per hour.
During testing, an iPhone 13 Pro lost 14% per hour, an iPhone 11 lost 18% per hour, and a Samsung Galaxy S23 lost 15% per hour.
Applying the same approach to Signal resulted in only 1% battery drain per hour due to stricter rate limiting.
Continuous probing also consumes cellular data and disrupts bandwidth-heavy applications such as video calls.
The tracking method relies on measuring return times for delivery receipts.
These response times vary depending on whether a phone is active, idle, offline, connected to WiFi, or using cellular data.
Stable and fast responses may indicate that a device is being actively used at home, while slower or inconsistent timing may indicate movement or a weaker connection.
Over longer periods of time, these patterns can reveal daily routines, sleep schedules and travel behavior without accessing message content or contact lists.
Although academic research described the vulnerability earlier, a publicly available proof-of-concept tool has now demonstrated its practicality.
The tool allows probes at intervals as short as 50ms, enabling detailed observation without alerting the target.
The developer warns against misuse and emphasizes research purposes, but the software remains available to all.
This raises concerns about widespread abuse, especially since the vulnerability can still be exploited from December 2025.
Disabling read receipts reduces exposure to standard messages, but does not completely block this technique.
WhatsApp offers an option to block high-volume messages from unknown accounts, although the platform does not define enforcement thresholds.
Signal provides additional checks, yet researchers confirmed that probing remains possible.
Traditional antivirus software does not detect abuse at the protocol level.
Services marketed for identity theft protection or malware removal offer limited value when no malware is installed on the device.
This risk is less about data theft and more about persistent behavioral monitoring that users cannot easily observe or verify.
Via Cyber news
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
