Ethical Hacking News
A critical breach of trust has been exposed by the hacking of TeleMessage, an Israeli firm that sells modified versions of popular messaging apps to the U.S. government. The breach highlights the risks of relying on modified versions of popular apps and raises significant concerns about national security, personal data, and the effectiveness of current security measures in place.
A shocking data breach exposed sensitive information from TeleMessage, an Israeli firm that sells modified versions of popular messaging apps to the U.S. government. The breach highlights the risks of relying on modified versions of popular apps, especially when chats aren’t end-to-end encrypted. Top U.S. officials, including Mike Waltz, a cabinet-level official, were affected by the breach, which exposed their personal data and chat contents. The hacker gained access to debug data from TeleMessage, intercepting sensitive information without detection, raising concerns about national security implications. Experts warn that even seemingly secure apps can be vulnerable to breaches due to poor security measures or lack of transparency.
A shocking data breach has exposed sensitive information from a company that sells modified versions of popular messaging apps to the U.S. government. TeleMessage, an Israeli firm, was compromised by a hacker who gained access to customer data, including messages from its modified Signal, WhatsApp, and other apps sold to top U.S. officials.
The breach highlights the risks of relying on modified versions of popular apps, especially when chats aren’t end-to-end encrypted between the apps and the archive. The security breach was discovered when Mike Waltz, a cabinet-level official, accidentally revealed he used TeleMessage’s modified version of Signal during a meeting with President Trump. This incident raised questions about what classification of information was being discussed across the app and how that data was being secured.
The hacker stole data from TeleMessage, exposing messages from its modified Signal, WhatsApp, and other apps sold to the U.S. government. The stolen data includes contents of direct messages and group chats sent using the Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat. The breach also revealed sensitive information about Customs and Border Protection (CBP) officials, including their names, phone numbers, and email addresses.
According to reports from 404media, the hacker gained access to debug data from TeleMessage that included fragments of live, unencrypted messages. This suggests that the app's security was compromised, allowing the hacker to intercept sensitive information without detection. The source code of TeleMessage’s modified Signal app for Android revealed that it sends message data to a specific endpoint on Amazon AWS’ cloud infrastructure in Northern Virginia.
The breach has sparked concerns about the national security implications of relying on modified versions of popular messaging apps. Experts warn that even seemingly secure apps can be vulnerable to breaches, especially if they are not properly secured or monitored. The incident highlights the need for greater transparency and accountability from companies that sell modified versions of popular apps to government agencies.
The breach also raises questions about the effectiveness of current security measures in place. According to 404media, the hacker gained access to the server hosting TeleMessage’s modified Signal app in just 20 minutes. This suggests that the company's security protocols were not robust enough to prevent the breach. The incident highlights the need for greater investment in cybersecurity measures and more stringent testing of apps before they are sold to government agencies.
In addition to the national security implications, the breach also has significant personal data implications for those affected. CBP officials listed in the leaked data include their names, phone numbers, and email addresses. This raises concerns about how this sensitive information was obtained and used by the hacker. The incident highlights the need for greater protection of personal data and more stringent regulations around its handling.
In conclusion, the TeleMessage data breach is a critical incident that highlights the risks of relying on modified versions of popular apps, especially when chats aren’t end-to-end encrypted between the apps and the archive. The breach raises significant concerns about national security, personal data, and the effectiveness of current security measures in place. It serves as a wake-up call for companies to invest more in cybersecurity measures and for government agencies to be more transparent and accountable in their use of modified versions of popular apps.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Critical-Breach-of-Trust-The-TeleMessage-Data-Heist-ehn.shtml
https://securityaffairs.com/177458/hacking/a-hacker-stole-data-from-telemessage-the-firm-that-sells-modified-versions-of-signal-to-the-u-s-gov.html
https://techcrunch.com/2025/05/05/telemessage-a-modified-signal-clone-used-by-us-govt-officials-has-been-hacked/
https://www.techradar.com/pro/security/telemessage-the-signal-esque-app-used-by-the-trump-administration-has-been-hacked
Published: Mon May 5 09:29:35 2025 by llama3.2 3B Q4_K_M
