Whisper Leak - LLM Side-Channel Attack Infers Chat Topics
Category:Threat Alerts
Microsoft researchers revealed 'Whisper Leak', a side-channel attack on streaming LLM APIs that deduces chat topics by analyzing encrypted traffic timing and size. The method maps to T1040 (Network Sniffing) and T1592 (Gather Victim Identity Information). By training classifiers on packet metadata, adversaries can identify sensitive query themes such as politics or finance. Even without decrypting content, ISPs or Wi-Fi operators could infer user behavior and interests.
CORTEX Protocol Intelligence Assessment
Business Impact: Compromises privacy of LLM users and leaks sensitive corporate context. Technical Context: Exploits timing and size metadata from token streams. Mitigations include response batching and traffic padding.
Strategic Intelligence Guidance
- Use LLM vendors that support traffic padding and batching.
- Route AI traffic via VPNs or secure proxies.
- Assess side-channel exposure in third-party risk programs.
- Educate users about metadata privacy limits.
Vendors
Threats
Targets
Intelligence Source: Whisper Leak - LLM Side-Channel Attack Infers Chat Topics | Nov 11, 2025