What WhatsApp and Signal reveal, despite encryption

Signal is famous for strong end-to-end encryption, and WhatsApp has followed suit. At DEFCON, two Austrians showed what the messengers give away nonetheless.

Signal and WhatsApp app icons on a smartphone screen (Image: Henk Vrieselaar/Shutterstock.com)

Signal and WhatsApp encrypt messages end-to-end: the content stays encrypted on its whole path from sender to recipient. That protection covers the content, however, not the metadata around it, and some of that metadata can be harvested with modest effort. At the DEFCON 2025 security conference on Sunday (local time), Austrian security researchers Gabriel Gegenhuber and Maximilian Günther presented side-channel and protocol attacks that do exactly that.

As it turns out, the delivery confirmations (delivery receipts) that Signal and WhatsApp send back reveal a lot about the devices on the receiving end and their current state. Delivery confirmations are not the same as read receipts, which every user can switch off in the app settings. There is no such switch for delivery confirmations: the service relies on them so that it does not keep trying to deliver messages that have already arrived.

The round-trip time (RTT) of a delivery confirmation alone supports more conclusions than a layperson would expect. If the confirmation does not come back for a long time, the device is offline. But even fluctuations of a few seconds reveal the state of the receiving device: the confirmation returns fastest when the app is in the foreground, i.e. when it is probably being used, more slowly when the app is in the background, and slower still when the screen is off or, for the web client, the browser tab is inactive.

This timing distribution also varies with the device model, the connection type (wired LAN, Wi-Fi or mobile data) and the device's state (is the phone currently in use or not). And that is not all: the confirmations are transmitted differently by different classes of client. The smartphone apps for WhatsApp and Signal (Android, iOS) send each delivery confirmation individually, whereas the desktop versions of both services send them in batches, and WhatsApp for macOS additionally returns them in shuffled order.

Attackers can build reference databases from test series against their own devices and later compare them with measurements taken against a target. That makes it possible to tell at a glance which devices are registered to a WhatsApp or Signal account and what state they are probably in right now. Further conclusions follow: if a particular desktop machine or browser instance is regularly online during office hours, the arrival of its delivery confirmations may reveal where the target is at that moment. Conversely, delivery confirmations from a desktop computer that is normally used only in the evening or at the weekend suggest that the recipient is at home.

The number of devices registered to an account is even easier to determine: the WhatsApp and Signal key servers number the devices consecutively, with 0 (WhatsApp) and 1 (Signal) denoting the primary device. Higher numbers are linked devices, so an attacker can also tell them apart.
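The inference described in the last few paragraphs (calibrate against your own devices, match a target's receipt timings against those profiles, read the batching behaviour of the receipts and the numbering of the devices) as an added example. This is illustrative code written for this article, not the researchers' tooling: every RTT value, threshold, message id and device list in it is constructed, and the Gaussian profile matching is one simple choice of classifier, not what the talk used.

```python
"""Inferring a receiving device's state from delivery-receipt timing.

Added example for this article; not the researchers' code. All figures are
constructed, not measured against any real service.
"""
from __future__ import annotations

import math
import statistics
from dataclasses import dataclass

# Constructed calibration "test series": round-trip times (seconds) of
# delivery receipts measured against an attacker-owned device in known states.
CALIBRATION = {
    "foreground": [0.31, 0.29, 0.35, 0.30, 0.33, 0.28, 0.34, 0.32],
    "background": [1.10, 1.45, 0.95, 1.30, 1.20, 1.55, 1.05, 1.35],
    "screen_off": [3.20, 4.10, 2.80, 3.90, 3.50, 4.40, 3.00, 3.70],
}
OFFLINE_AFTER = 30.0  # seconds without a receipt; constructed cutoff

# Per the article: WhatsApp numbers the primary device 0, Signal numbers it 1.
PRIMARY_DEVICE_ID = {"whatsapp": 0, "signal": 1}


@dataclass(frozen=True)
class Profile:
    mean: float
    stdev: float


def build_profiles(calibration: dict[str, list[float]]) -> dict[str, Profile]:
    """One Gaussian profile per device state, from the calibration series."""
    return {state: Profile(statistics.mean(r), statistics.stdev(r))
            for state, r in calibration.items()}


def log_likelihood(rtts: list[float], p: Profile) -> float:
    """Log-likelihood of a whole RTT series under one Gaussian profile."""
    var = p.stdev ** 2
    return sum(-0.5 * math.log(2 * math.pi * var) - (x - p.mean) ** 2 / (2 * var)
               for x in rtts)


def classify_state(rtts: list[float | None],
                   profiles: dict[str, Profile]) -> tuple[str, float]:
    """Return (state, margin) for a series of receipt RTTs.

    A missing (None) or very slow receipt means the device is offline, which
    is all a single probe can tell. Otherwise pick the profile under which the
    whole series is most likely; margin is the log-likelihood gap to the
    runner-up, so 0.0 would mean a coin flip.
    """
    if any(r is None or r >= OFFLINE_AFTER for r in rtts):
        return "offline", math.inf
    scored = sorted(((log_likelihood(rtts, p), s) for s, p in profiles.items()),
                    reverse=True)
    (best, state), (second, _) = scored[0], scored[1]
    return state, best - second


def receipt_pattern(sent_ids: list[str], receipts: list[tuple[str, float]],
                    gap: float = 0.05) -> str:
    """Classify how a client returns receipts for a burst of pings.

    receipts: (message id, arrival time in seconds) in arrival order.
    'individual' = spread out, send order kept (smartphone apps)
    'batched'    = arrive clustered, send order kept (desktop clients)
    'shuffled'   = arrive clustered, order differs (WhatsApp for macOS, per the talk)
    """
    times = [t for _, t in receipts]
    in_order = [i for i, _ in receipts] == sent_ids
    close_gaps = sum(1 for a, b in zip(times, times[1:]) if b - a < gap)
    if close_gaps < len(times) // 2:
        return "individual"
    return "batched" if in_order else "shuffled"


def describe_devices(service: str, device_ids: list[int]) -> dict:
    """Split a key-server device list into the primary and the linked devices."""
    primary = PRIMARY_DEVICE_ID[service]
    return {"count": len(device_ids),
            "primary_present": primary in device_ids,
            "linked": sorted(d for d in device_ids if d != primary)}


if __name__ == "__main__":
    profiles = build_profiles(CALIBRATION)
    # Constructed series of six silent pings against a target device
    print(classify_state([1.25, 1.40, 1.05, 1.50, 1.15, 1.30], profiles))
    print(receipt_pattern(["m1", "m2", "m3", "m4"],
                          [("m1", 2.00), ("m3", 2.01), ("m2", 2.01), ("m4", 2.02)]))
    print(describe_devices("signal", [1, 2, 3]))
```

The profiles here are single Gaussians per state; real calibration data would be keyed additionally by device model and connection type, as the article describes, and a series from a target would be compared against the matching subset.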


Gaining this knowledge does require a series of delivery confirmations; a single measurement only shows whether the device is online. Would the victim not notice being buried under an avalanche of messages? No: it is possible to send specially crafted messages to WhatsApp and Signal users that trigger delivery confirmations but are never displayed on the receiving device. The researchers used alternative client implementations of the applications for this.

An attacker can therefore send a long series of silent "pings" to a target, knowing only their phone number or username, without being noticed. Signal's infrastructure at least enforces a limit of one message every two seconds; in WhatsApp the Austrians could not find any rate limiting at all. That allows close monitoring over long periods.

All of this makes it possible to determine remotely how many devices a victim uses their WhatsApp or Signal account on, what type of device and operating system each one is, when they are in use and which operating state they are currently in, including the connection type and possibly the location. That enables digital stalking as well as the choice of malware for a targeted attack over another channel; the information can also help time a physical attack to the moment the target device is unlocked, which is of particular use to security agencies and intelligence services.


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.