Nov 24, 2025 at 1:22 PM EST
Enumerating Three Billion Accounts on WhatsApp [pdf]
Mood
informative
Sentiment
neutral
Category
research
Key topics
Security
Research
Privacy
Discussion Activity
Light discussionFirst comment
N/A
Peak period
1
Hour 1
Avg / period
1
Comment distribution1 data points
Loading chart...
Based on 1 loaded comments
Key moments
- 01Story posted
Nov 24, 2025 at 1:22 PM EST
7h ago
Step 01 - 02First comment
Nov 24, 2025 at 1:22 PM EST
0s after posting
Step 02 - 03Peak activity
1 comments in Hour 1
Hottest window of the conversation
Step 03 - 04Latest activity
Nov 24, 2025 at 1:22 PM EST
7h ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Discussion (1 comments)
Showing 1 comments
7h ago
Abstract—WhatsApp, with 3.5 billion active accounts as of
early 2025, is the world’s largest instant messaging platform.
Given its massive user base, WhatsApp plays a critical role in
global communication.
To initiate conversations, users must first discover whether
their contacts are registered on the platform. This is achieved
by querying WhatsApp’s servers with mobile phone numbers
extracted from the user’s address book (if they allowed access).
This architecture inherently enables phone number enumeration,
as the service must allow legitimate users to query contact
availability. While rate limiting is a standard defense against
abuse, we revisit the problem and show that WhatsApp remains
highly vulnerable to enumeration at scale. In our study, we were
able to probe over a hundred million phone numbers hourly
ID: 46037231Type: storyLast synced: 11/24/2025, 6:24:09 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.