Security researchers have uncovered a sneaky privacy glitch called “Careless Whisper” that lets hackers track your every move on WhatsApp and Signal using invisible delivery receipts—no need to be contacts or send obvious messages.
https://the420.in/fcrf-certified-grc-professional-program-governance-risk-compliance-training-india/
How the Attack Works
Attackers fire off stealth messages like fake reactions to non-existent posts, timed-out edits, or bogus deletions. These trigger round-trip time (RTT) responses from your device, spilling details like whether your screen is on (1-second delay), off (2 seconds), or app in foreground (300ms on iPhones).
Over 3 billion WhatsApp users and millions on Signal are at risk. High-speed pings (sub-second on WhatsApp) map your online status, Wi-Fi switches, calls, and even laptop syncs without notifications. Multi-device setups leak extra, like desktop logins hinting at your office arrival.
Real-World Dangers
RTT patterns fingerprint your OS (Android/iOS ordering differs) and hardware (Qualcomm vs Exynos jitter). Hackers infer schedules, screen habits, or geolocation down to seconds. Worse, massive 1MB reactions blast 3.7MB/sec traffic, draining iPhone/Samsung batteries 14-18% hourly or spiking data bills—no rate limits stop it.
