Latest news with #Signal-like
Yahoo
30-05-2025
- Business
- Yahoo
X's new DM feature, XChat, is rolling out in beta
X's new DMs feature, XChat, has begun rolling out to beta testers. Some X users who pay for the platform's subscription product have reported that they can access XChat, while reverse engineer Nima Owji confirmed to TechCrunch that the new messaging system appears to be ready to ship. XChat is intended to be a more robust version of X's existing DMs (direct messages) feature, which is a holdover from before Elon Musk's acquisition of Twitter. Some features that have been rumored to be part of XChat include group messages, end-to-end encryption, vanishing mode, the ability to mark messages as unread, and file sharing. Messages also appear to be secured behind a 4-digit passcode. X announced on Thursday that it was pausing work on its encrypted DMs feature, which could be related to the impending release of XChat, since this new system would render the existing DMs interface obsolete. Paid subscribers on X have had access to a limited version of encrypted messaging for two years. In the years since he bought Twitter, Musk has spoken on numerous occasions about his ambitions to make a Signal-like messaging service embedded into X. If XChat really is gearing up for public use, then this news could represent Musk's follow-through on that goal. Sign in to access your portfolio
The Hill
06-05-2025
- Politics
- The Hill
Senate Democrat calls on DOJ to investigate risks from Signal-like app
Sen. Ron Wyden (D-Ore.) is calling on the Department of Justice to investigate the risks associated with Trump administration officials using TeleMessage, a Signal-like messaging app, which was recently hacked. Wyden, in a letter sent to Attorney General Pam Bondi, asked for an investigation into the 'serious' national security threat posed by TeleMessage, 'a federal contractor that sold dangerously insecure communications software' to the White House and other federal agencies. The Democrat said the federal agencies, including former national security adviser Mike Waltz, 'recklessly entrusted' TeleMessage, an Israeli company that Wyden said claims to offer a secure tool to archive messages sent via Signal. Instead, the app is a 'shoddy Signal knockoff' that poses a threat to security due to its archive system. Wyden highlighted a security researcher who found that the company sends unencrypted copies of every message to a server. Each message is 'seemingly available' to anyone within the company or to anyone who has access to the server, Wyden said. He noted that since the app is unsecure, it has been repeatedly hacked recently. Technology site 404 Media recently reported that a hacker exploited a vulnerability in TeleMessage and was able to access some direct messages and group chats. Waltz was ousted from his national security position last week after a scandal over his use and creation of a Signal group to share updates about the U.S. attack on the Houthi rebels in Yemen with other administration officials. The situation escalated after a photo taken during a cabinet meeting showed Waltz using TeleMessage to chat with officials including Vice President Vance and Director of National Intelligence Tulsi Gabbard. The scandal sparked concern about national security and the administration's communication platforms. It worsened once hackers gained access to TeleMessage and prompted the site to temporarily suspend services 'out of an abundance of caution,' Reuters reported. 'TeleMessage Archiver is a modified version of Signal that looks the same as Signal and can be used to communicate with other Signal users. The White House seemingly adopted TeleMessage Archiver in the wake of the 'Signalgate' scandal this year,' Wyden wrote to Bondi. After The Atlantic's editor-in-chief Jeffrey Goldberg revealed Waltz created the Signal group chat with other administration officials, it was noted that he set the group chat's settings to have messages auto-erase after a certain number of weeks. After Waltz was reminded of federal recordkeeping laws, Wyden said it appeared the White House 'equipped' him with the TeleMessage app. Wyden was calling on the DOJ to investigate TeleMessage's misleading messages to the federal government about its security and end-to-end encryption, as well as the hacking of the platform. He also called for an investigation into the counterintelligence threat posed by the app, to determine the extent to which foreign employees of the company have access to government users' messages and if the company has shared U.S. government communications with foreign governments, particularly the Israeli government. 'It remains unclear whether the design of this system was merely the result of incompetence on the part of the foreign company, whose senior leadership are former intelligence officers, or a backdoor designed to facilitate foreign intelligence collection against U.S. government officials,' Wyden wrote. 'Regardless, TeleMessage's dangerously insecure design should have been discovered long before the company's app was installed on the phone of the President's national security advisor and, presumably, other senior White House officials.'
Business Journals
05-05-2025
- Business
- Business Journals
Smarsh investigating 'security incident' of its TeleMessage product tied to Trump administration officials
Former National Security Advisor Mike Waltz went from using Signal to using a Signal-like product from digital archiving firm Smarsh.
Axios
05-05-2025
- Business
- Axios
Signal archiving tool Trump officials used suspends services after hack claims
A Signal archiving tool the Trump administration relied on has suspended operations after two reported hacks, according to several news reports. Why it matters: The suspension is just the latest in a series of events that highlights how poor security controls are putting high-value American secrets at risk. Driving the news: Last week, Reuters published a photo of now-former national security adviser Mike Waltz using a Signal-like messaging app, called TeleMessage, that archives messages sent on the encrypted messaging app. On Sunday, 404 Media published a story about a hacker who claims they were able to hack into TeleMessage in about "15-20 minutes." The hacker walked away with names and contact information for government officials, usernames and passwords for TeleMessage's backend panel and indicators for which companies are using the service, according to 404 Media's report. NBC News also reported Monday it had received information from a different hacker saying they were also able to break in and download a large cache of files. What they're saying: "TeleMessage is investigating a potential security incident," a spokesperson for Smarsh, which owns the app, told CNBC in a statement. "Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational," the spokesperson added. State of play: Israel-based TeleMessage has since wiped its website. Screenshots of the company's website from April 8, as seen on the Internet Archive's Wayback Machine, show that the service publicly claimed it could help capture messages in Signal, Telegram and WeChat. Now, each company webpage redirects to the same sparsely filled homepage that erases all mention of Signal and Telegram. Threat level: Even before the 404 Media report, security experts were warning that TeleMessage appeared to tamper with Signal's end-to-end encryption since it would allow a message to be retrieved after being stored somewhere else.
Yahoo
05-05-2025
- Politics
- Yahoo
Someone Reportedly Hacked the Messaging App Mike Waltz Was Seen Using
A hacker reportedly stole customer data from a company that makes a Signal-like app that former National Security Adviser Mike Waltz was seen using in a Cabinet meeting with President Donald Trump. The hack includes direct messages and personal information from TeleMessage apps, 404 Media reported Sunday. TeleMessage is an Israeli company that makes modified versions of Signal, WhatsApp, and other messaging platforms, but allows users to archive messages. The app is not fully end-to-end encrypted, which is concerning considering high-ranking Trump administration officials appear to be using it. Signal is fully end-to-end encrypted. 'I would say the whole process took about 15-20 minutes,' the hacker told 404 Media about accessing the data. 'It wasn't much effort at all.' Trump removed Waltz from his role as national security adviser and nominated him to become U.S. ambassador to the United Nations last week. Waltz's competence came into question after he added Atlantic editor Jeffrey Goldberg to a Signal chat about plans for military strikes in Yemen. The flub led to a firestorm of criticism about the administration's recklessness with sensitive information, both because of Goldberg's presence in the chat as well as the fact that top officials were using an app vulnerable to phishing attacks like Signal. Last week, a Reuters photo showed Waltz using TeleMessage with chats labeled 'J.D. Vance' and 'Gabbard.' The hack reignites concerns about the security of Waltz's messages. Information the hacker accessed did not include Waltz's communications, but reportedly includes names, phone numbers, and email addresses of Customs and Border Protection officials, as well as information about some financial institutions. It is also possible that the Intelligence Branch of the Washington, D.C., Metropolitan Police is using the app. TeleMessage reportedly has contracts with government agencies including the State Department and Centers for Disease Control and Prevention. It is likely that the government uses TeleMessage in order to comply with rules about document retention. The hacker did not access all TeleMessage content, but potentially could have accessed more. 404 Media does not know the identity of the hacker. However, journalists Joseph Cox and Micah Lee were able to independently verify material from the hack. The person who accessed the data said they were 'just curious how secure it was.' One hacked message that seems to be linked to the crypto firm Galaxy Digital was about a cryptocurrency bill that a group of Senate Democrats said on Saturday they would oppose, showing that the hacker was able to access recent data. TeleMessage claimed in a YouTube video, which has since been made private, that it keeps 'intact the Signal security and end-to-end encryption when communicating with other Signal users.' 'The only difference is the TeleMessage version captures all incoming and outgoing Signal messages for archiving purposes,' the video says, according to 404 Media. Contrary to TeleMessage's claims, by sending messages somewhere to be stored, they add a third party that could in turn store the messages incorrectly. The data the hacker accessed was on its way to getting archived. 'We cannot guarantee the privacy or security properties of unofficial versions of Signal,' a Signal spokesperson told 404 Media. 'If I could have found this in less than 30 minutes then anybody else could too. And who knows how long it's been vulnerable,' the hacker said. More from Rolling Stone Democrats Denounce Rubio Holding Four Roles in Trump Administration Trump Continues 100-Days Celebration by Firing His First High-Level Appointee Republicans Move to Block Inquiries Into Trump Admin Amid Signal Scandal Best of Rolling Stone The Useful Idiots New Guide to the Most Stoned Moments of the 2020 Presidential Campaign Anatomy of a Fake News Scandal The Radical Crusade of Mike Pence
