InfoSecBulletin Cybersecurity for mankind
WhatsApp introduces a privacy feature called “Protect IP Address in Calls.” This feature masks users’ IP addresses by relaying the calls through its servers.
WhatsApp stated that calls are end-to-end encrypted, meaning that even if a call goes through their servers, they cannot listen to the calls.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
The main idea is to increase the difficulty for malicious people on the call to figure out the user’s location. This is done by securely sending the connection through WhatsApp servers. But, there is a small decrease in call quality when using the privacy option.
ALSO READ:
Microsoft Authenticator blocks suspicious MFA alerts by default
It’s similar to Apple’s iCloud Private Relay. It adds a layer of anonymity by routing users’ Safari browsing sessions through two secure internet relays.
The “Protect IP Address in Calls” feature has been in development since at least August 2023, according to WABetaInfo.
WhatsApp said that enabling this feature would relay all calls through their servers, protecting your IP address and preventing others from determining your general location.
“This new feature provides an additional layer of privacy and security particularly geared towards our most privacy-conscious users.”
The feature enhances user privacy and security by ensuring unwanted contact is filtered and minimizing the risk of zero-click attacks and spyware.
WhatsApp’s silenced call feature uses a special protocol to minimize the processing of data controlled by attackers. This is done by using a privacy token.
When making a call, the caller includes the recipient’s privacy token in the message. The server then checks the validity of the token and other factors to decide if the recipient allows the caller to call them.
“For privacy reasons, the server does not gain knowledge of the specific relationship between caller and recipient from the token.”
