Danny Weber
19:42 16-12-2025
© E. Vartanyan
A new GitHub tool exposes the Silent Whisper vulnerability, using RTT pings to infer WhatsApp and Signal user status by phone number. Learn key risks.
A new tool has surfaced online that showcases the Silent Whisper vulnerability, making it possible to monitor WhatsApp and Signal user activity using nothing more than a phone number. This isn’t about breaking into accounts or reading messages—the technique relies on analyzing the apps’ own technical responses.
The attack hinges on measuring the response time of delivery acknowledgments. WhatsApp and Signal automatically answer so‑called “pings,” and an attacker can analyze the round‑trip time (RTT) of those packets. From these timings, it’s possible to infer whether a device is active, connected via Wi‑Fi or mobile data, in sleep mode, or completely offline.
Researchers in Vienna detailed Silent Whisper in depth last year. Interest has surged again after a proof‑of‑concept tool appeared on GitHub from a user named gommzystudio. The author says it’s feasible to send up to 20 requests per second without triggering any notifications on the target device, which is enough to build a fairly accurate picture of a person’s activity.
Images of analytical charts have also circulated online, illustrating how these measurements are interpreted. Shifts in latency reveal the device’s state and operating mode, opening the door to discreet surveillance without ever touching message content.
Experts note the vulnerability remains relevant. As basic precautions, users are advised to restrict messages from unknown accounts and keep their messaging apps updated promptly—pragmatic steps that help, even if they don’t eliminate the risk entirely for now.