Ethical Hacking News
A recent hacking incident involving a modified version of Signal has led to the temporary shutdown of a messaging service used by former National Security Advisor Mike Waltz. The breach, which occurred after TeleMessage's acquisition by Smarsh, resulted in the theft of sensitive data from government agencies and financial institutions. As concerns about security continue to grow, it is essential for users and policymakers to reevaluate the measures put in place for sensitive communications.
The hacking of a modified version of Signal, used by the US government, has exposed vulnerabilities in end-to-end encrypted messaging apps. The breach resulted in the theft of sensitive data from various government agencies and financial institutions. TeleMessage's acquisition by Smarsh in February 2024 may have contributed to the security breach. Archived chat logs were not properly encrypted, allowing hackers to access data. The incident highlights the risks of adding extra archiving features to end-to-end encrypted messaging apps like Signal. Policymakers and users must evaluate and strengthen security measures for sensitive government communications to prevent similar breaches.
The recent news about the shutdown of a messaging service used by former National Security Advisor Mike Waltz has brought to light the vulnerabilities of end-to-end encrypted messaging apps. The service, known as TeleMessage's Signal clone, is an Israeli company that sells modified versions of Signal and other messaging apps to the US government for archiving messages. However, according to recent reports, this app was hacked, resulting in the theft of sensitive data from various government agencies and financial institutions.
TeleMessage was acquired by Smarsh, a Portland-based company, in February 2024. The hacking incident, which occurred sometime after the acquisition, resulted in the temporary shutdown of all TeleMessage services as a precautionary measure to contain the security breach. An external cybersecurity firm has been engaged to support the investigation into the incident.
The hacker who reportedly infiltrated TeleMessage stated that it took about 15 to 20 minutes and was "not much effort at all." The breach revealed that the archived chat logs of Signal were not end-to-end encrypted between the modified version of the messaging app and the ultimate archive destination controlled by TeleMessage. Furthermore, data related to Customs and Border Protection (CBP), Coinbase, and other financial institutions were obtained through this hack.
The incident raises significant concerns about the security of sensitive government communications. Waltz's ability to secure these communications has been in question since he inadvertently invited The Atlantic Editor-in-Chief Jeffrey Goldberg to a Signal chat in which top Trump administration officials discussed a plan for bombing Houthi targets in Yemen, resulting in his removal from his post late last week.
TeleMessage's website previously boasted the ability to capture, archive, and monitor mobile communication through text messages, voice calls, WhatsApp, WeChat, Telegram, and Signal. However, after the hacking incident, the company removed any mention of Signal from their website and disabled links on the page. This change indicates a clear acknowledgment of the security breach.
The incident highlights the potential risks associated with adding an extra archiving feature to end-to-end encrypted messaging apps like Signal. According to 404 Media, the hacker did not access all messages stored or collected by TeleMessage but could have likely accessed more data if they decided to do so, underscoring the extreme risk posed by such actions.
In light of this incident, it is essential for users and policymakers alike to carefully evaluate the security measures put in place for sensitive government communications. Ensuring that these measures are robust enough to prevent similar breaches is crucial for maintaining trust in end-to-end encrypted messaging apps like Signal.
Related Information:
https://www.ethicalhackingnews.com/articles/The-TeleMessage-Signal-Clone-A-Breach-of-Security-and-Trust-ehn.shtml
https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/
Published: Mon May 5 18:47:42 2025 by llama3.2 3B Q4_K_M
