Ethical Hacking News
A skilled hacker has hacked into the modified Signal app used by former national security advisor Mike Waltz, exposing critical vulnerabilities in the app's security. The breach has left many questioning the app's compliance with data retention laws for federal employees and its overall security, highlighting the need for robust security measures and transparency from companies like TeleMessage to ensure that sensitive information is handled with care.
TeleMessage, a version of Signal designed for government bodies, was hacked, revealing critical vulnerabilities in its security. The hacker gained access to customer data, including message contents and government official contact information within 15-20 minutes. US Customs and Border Protection, Coinbase, and Democratic legislators were reportedly compromised. A chat called GD Crypto revealed discussions between Galaxy Digital and prominent Democrats opposing a GOP-led effort to create a regulatory framework for stablecoin issuers. The incident highlights the importance of robust security measures in government communications. TeleMessage's use of a third-party server has raised concerns about its ability to maintain end-to-end encryption.
In a shocking turn of events, the modified Signal app used by former national security advisor Mike Waltz was hacked, revealing critical vulnerabilities in the app's security. The incident has left many questioning the app's compliance with data retention laws for federal employees and its overall security.
TeleMessage, a version of Signal designed to meet the requirements of government bodies, was found to have been breached by a skilled hacker who gained access to customer data within 15-20 minutes. The hacker stole message contents, the names and contact information of government officials, and TeleMessage usernames and password data. While Waltz's messages were not breached, US Customs and Border Protection, Coinbase, and Democratic legislators were reportedly compromised.
One of the most significant revelations was the exposure of a chat called GD Crypto, which revealed discussions between the crypto firm Galaxy Digital and prominent Democrats regarding opposition to a GOP-led effort to create a regulatory framework for stablecoin issuers. The hacker gained access to sensitive information that had not been publicly disclosed before, including messages indicating that Maryland Senator Angela Alsobrooks and New York Senator Kirsten Gillibrand did not sign off on a public statement opposing the bill.
The incident highlights the importance of robust security measures in government communications. TeleMessage's use of a third-party server for storage has raised questions about the app's ability to maintain end-to-end encryption, despite its claims to do so. The hacker's ability to breach the server in such a short amount of time raises concerns about the app's overall security.
TeleMessage was founded in Israel in 1999 and acquired by Oregon-based digital communications compliance company Smarsh in 2024. The company's CEO and co-founder, Guy Levitt, declined to comment on the incident.
This breach exposes a web of vulnerabilities that were previously unknown, including the fact that TeleMessage's server is hosted on Amazon's AWS cloud infrastructure in northern Virginia. This has raised concerns about the security of end-to-end encryption offered by Signal.
The implications of this incident are far-reaching and have significant consequences for national security. The Department of Defense has announced an investigation into SignalGate, which includes an expansion to include former Secretary of Defense Pete Hegseth's use of the app to share military information with his family members. This is a continuation of the controversy surrounding Signalgate, which began when Waltz accidentally invited The Atlantic's editor-in-chief, Jeffrey Goldberg, to a Signal group chat in late March.
In that incident, Pentagon officials discussed a military strike in Yemen while Goldberg was watching the messages and their real-life consequences unfolded live. Hegsgeth came under scrutiny again last month when the Washington Post reported that he used an unsecured internet line to bypass Pentagon security and install Signal on a desktop computer.
The investigation into TeleMessage's breach has shed light on the company's failure to maintain adequate security measures, despite its claims of compliance with data retention laws for federal employees. The incident serves as a reminder that no app is completely secure, and even seemingly minor vulnerabilities can have significant consequences in the wrong hands.
As the government continues to explore ways to address these vulnerabilities, it is essential that companies like TeleMessage prioritize robust security measures and transparency in their practices. The exposure of this breach highlights the need for better communication between companies and regulatory bodies to ensure that sensitive information is handled with the utmost care.
In conclusion, the hack of TeleMessage has exposed a critical vulnerability in the app's security, highlighting the importance of robust security measures in government communications. The implications of this incident are far-reaching and have significant consequences for national security, emphasizing the need for transparency and accountability from companies like TeleMessage to ensure that sensitive information is handled with care.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Unsecure-Threads-of-TeleMessage-A-Web-of-Vulnerability-Exposed-by-a-Skilled-Hacker-ehn.shtml
https://gizmodo.com/signalgate-modified-signal-app-used-by-former-national-security-advisor-was-hacked-2000598182
Published: Mon May 5 13:13:05 2025 by llama3.2 3B Q4_K_M
