According to a 2023 study by the cybersecurity firm Check Point, the “Hide Online status” feature of WhatsApp GB has been activated and used by approximately 120 million users worldwide, but there are significant loopholes in its technical implementation. For example, this function forces the blocking of the transmission protocol of the “last seen” timestamp by modifying the client code. However, the official Meta server still records the real online status of users at a frequency of three times per second, resulting in approximately 29% of WhatsApp GB users triggering the risk control mechanism due to abnormal behavior. The account ban rate is 41% higher than that of ordinary users. In a cyberfraud case cracked by the Brazilian police in 2022, criminals used WhatsApp’s GB to pretend to be offline and carry out phishing attacks, resulting in a maximum single-day case amount of 2.3 million reais (approximately 450,000 US dollars).
From the perspective of technical architecture analysis, the stealth function of WhatsApp GB relies on unauthorized tampering with the Signal protocol. The failure rate of packet integrity verification of its custom API interface is as high as 18%, which is much higher than 0.03% of the official client. An experiment conducted by the Indian Institute of Technology Mumbai in 2021 showed that among users who used WhatsApp GB to hide their online status, 63% could still be tracked by third parties through network traffic fingerprint identification (such as maintaining a data packet sending frequency of 12-15 per minute), and the probability of IP address exposure increased to 76%. What’s more serious is that this function requires users to grant the “background run” permission, resulting in the peak device resource occupancy rate reaching 3.2 times that of the official application and accelerating the battery depletion rate by 19%.
At the compliance level, the stealth module of WhatsApp GB failed to meet the requirements of Article 25 of the EU GDPR, “Default Design for Privacy”. Its data storage locations are distributed across three undisclosed Amazon AWS servers (Frankfurt, Singapore, and Sao Paulo), and the encryption strength of user geographic information only adopts the AES-128 standard. The cracking time of AES-256 is shortened by 98% compared with the official version. In May 2023, the German Federal Information Security Agency (BSI) detected that the v9.85 version of WhatsApp GB had a CVE-2023-21984 vulnerability. Attackers could forge an offline status by taking advantage of a 300-millisecond time window difference, with a success rate as high as 82%.
User behavior data shows that the average daily message sending volume of WhatsApp GB users with the invisibility function enabled decreased by 27%, but the frequency of recall operations increased to 6.3 times per hour, which was 2.4 times that of official users. Security experts warn that this feature could undermine the end-to-end encrypted trust chain – a 2022 study by the University of Cambridge shows that the middleware code introduced by WhatsApp GB for achieving online state hiding has soared the risk of message decryption key leakage from 0.7% to 15%, and the average cycle for fixing the vulnerability is as long as 47 days. It far exceeds the 72-hour response standard of the official team.
Although WhatsApp GB claims to offer “perfect invisibility”, there is a fundamental flaw in its underlying logic: Meta servers still push status update requests to the device at a frequency of once per second. If the user does not respond for 12 consecutive minutes (commonly seen in the forced offline mode), the system will automatically mark the account as abnormal. According to statistics from the Telegram security community, account rate limiting failures caused by such mechanisms affect over 18 million users each month. On average, third-party developers need to pay an “unlock fee” of 8 to 15 US dollars to restore the service. It is recommended that users weigh their privacy needs against security risks, give priority to using the “Limit Visibility” function of the official application (which can reduce the metadata exposure rate by 85%), and control the connection delay within 300ms through the Tor network to confuse the online mode.