Whisper Leak Attack Exposes AI Chat Topic Inference via Encrypted Traffic
Summary
Hide ▲
Show ▼
Microsoft has revealed a new side-channel attack called Whisper Leak that allows adversaries to infer topics of conversations with AI language models by analyzing encrypted traffic patterns. The attack exploits packet size and timing sequences in streaming model responses, even when communications are protected by HTTPS. This poses significant privacy risks for users and enterprises, as attackers can identify sensitive topics discussed in encrypted chats. Microsoft, OpenAI, Mistral, and xAI have implemented mitigations, including adding random text sequences to mask token lengths. The attack highlights the vulnerabilities in AI chatbots and the need for robust security measures.
Timeline
-
08.11.2025 16:29 1 articles · 2d ago
Whisper Leak Attack Disclosed by Microsoft
Microsoft revealed the Whisper Leak attack, which allows adversaries to infer conversation topics from encrypted traffic patterns in AI chatbots. The attack exploits packet size and timing sequences in streaming model responses, achieving high accuracy in identifying sensitive topics. Mitigations have been implemented by OpenAI, Mistral, and Microsoft to counter the risk.
Show sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
Information Snippets
-
Whisper Leak attack can infer conversation topics from encrypted TLS traffic by analyzing packet size and timing sequences.
First reported: 08.11.2025 16:291 source, 1 articleShow sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
-
The attack works against streaming-mode language models, which incrementally receive data as the model generates responses.
First reported: 08.11.2025 16:291 source, 1 articleShow sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
-
Microsoft demonstrated the attack using binary classifiers trained with LightGBM, Bi-LSTM, and BERT models, achieving over 98% accuracy.
First reported: 08.11.2025 16:291 source, 1 articleShow sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
-
Mitigations include adding random text sequences to responses to mask token lengths, implemented by OpenAI, Mistral, and Microsoft.
First reported: 08.11.2025 16:291 source, 1 articleShow sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29
-
Users are advised to avoid discussing sensitive topics on untrusted networks, use VPNs, and prefer non-streaming models or providers with mitigations.
First reported: 08.11.2025 16:291 source, 1 articleShow sources
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic — thehackernews.com — 08.11.2025 16:29