- Attackers can silently monitor phones using only the victim’s phone number
- Polling significantly increases battery consumption during continuous delivery receipt exploitation
- Continuous tracking consumes mobile data and interferes with heavy applications
Security researchers have revealed a tracking technique called “Silent Whisper” that exploits how popular messaging apps handle acknowledgments.
The method targets WhatsApp and Signal by abusing low-level message receptions that are automatically exchanged whenever an app processes incoming network traffic.
By knowing only one phone number, an attacker can repeatedly poll a device without sending visible messages or triggering notifications.
Impact on battery life and data usage
Silent Whisper operates beneath the user interface, making detection unlikely during normal phone use.
Testing on several smartphones showed unusually high battery consumption during polling activity.
Under normal conditions, idle phones typically lose less than 1% battery per hour.
During testing, an iPhone 13 Pro lost 14% per hour, an iPhone 11 lost 18% per hour, and a Samsung Galaxy S23 lost 15% per hour.
Applying the same approach to Signal resulted in only 1% battery loss per hour due to stricter rate limiting.
Continuous polling also consumes mobile data and interrupts bandwidth-intensive applications such as video calls.
The tracking method is based on measuring the round trip times of delivery receipts.
These response times vary depending on whether a phone is active, idle, offline, connected to WiFi, or using cellular data.
Stable, fast responses may suggest that a device is actively used at home, while slower or inconsistent times may indicate motion or weaker connectivity.
Over long periods, these patterns can reveal daily routines, sleep schedules, and travel behavior without accessing message content or contact lists.
Although academic research described the vulnerability previously, a publicly available proof-of-concept tool has demonstrated its feasibility.
The tool allows probing at intervals as short as 50 ms, allowing detailed observation without alerting the target.
The developer warns against misuse and emphasizes research intent, but the software remains accessible to anyone.
This raises concerns about widespread abuse, especially as the vulnerability remains exploitable in December 2025.
Disabling read receipts reduces the exposure of standard messages, but does not completely block this technique.
WhatsApp offers an option to block a large volume of messages from unknown accounts, although the platform does not define application thresholds.
Signal provides additional controls, but researchers confirmed that research is still possible.
Traditional antivirus software does not detect misuse at the protocol level.
Services marketed for identity theft protection or malware removal offer limited value when there is no malware installed on the device.
This risk has less to do with data theft and more to do with persistent monitoring of behavior that users cannot easily observe or verify.
Through cyber news
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
