A new digital threat called Silent Whisper is challenging the security of WhatsApp and Signal.
In the world of instant messaging the word privacy has become almost a mantra, in fact applications such as WhatsApp e Signal they are often perceived as safe, protected and unassailable environments.
Without a shadow of a doubt, however, the reality is more complex. A new vulnerability, renamed Silent Whisperis causing unexpected cracks to emerge in the very systems that promise encrypted and confidential communications.
WhatsApp at risk with this new virus
The most striking fact is the scope of the problem. We are talking about around three billion users potentially exposed to a form of real-time tracking. They are not needed malware complex or physical access to the device, but a simple phone number is enough. From there, taking advantage of this fallaan attacker can reconstruct a person’s movements, daily habits and even infer sleep patterns. This all happens silently, with no obvious notifications or alerts to the user.
Silent Whisper it hits one of the most common elements of messaging apps, which are technically called message delivery confirmations delivery receipts. These are automatic responses that indicate whether a message has been delivered. A mechanism designed to improve the user experience, however it can be used as a side channel for collect information. And it is precisely here that the limits of the current defenses of platforms such as WhatsApp e Signal.
Il operation of the attack It’s surprisingly simple, and that’s what’s most concerning. Researchers have shown that it is possible to send invisible messages or particular interactions, such as reactions to content that no longer actually exists or changes that have already expired.
Although the user sees nothingthe app responds anyway. By analyzing the time between sending and receiving the confirmation, the so-called RTT o Round Trip Timevery precise information can be obtained.
From these response timesIn fact, it is possible to understand if the device is active, if the screen is on, if the connection is made via Wi-Fi or mobile network and, by cross-referencing the data over time, even hypothesize when a person is sleeping or awake. Without a shadow of a doubt, it is one sophisticated form of surveillancewhich does not require advanced technical skills. The proof of concept is already public and easily replicable, a detail that makes the threat even more concrete.
Expert advice on how to defend yourself
To date, however, it does not exist an official patch capable of definitively solving the problem. The companies involved are hard at work, but in the meantime users remain exposed. This shows how the crittografia end-to-endwhile essential, does not protect against every possible attack vector. There are indirect levels, often underestimated, which can reveal much more than imagined.
Looking forward to resolution updatesit is essential to adopt some precautions. Paying attention to abnormal battery consumption or data traffic can help pinpoint suspicious behavior. It is equally important to limit the public dissemination of your telephone number, avoiding placing it on unreliable sites or social networks. Always keep the messaging appHowever, it remains the first concrete step to reduce the risk.
Silent Whisper represents a wake-up call for the entire sector. Digital security is never final and requires a constant balance between functionality and protection. For users it means being more awarewhile for platforms it is a call to strengthen every single detail of their own system. Even those who, until yesterday, seemed completely harmless.
Related News :