Latest news with #TeleMessage
Yahoo
30-05-2025
- Politics
- Yahoo
White House investigating how Trump's chief of staff's phone was hacked
The White House is investigating after one or more people reportedly accessed the contacts from the personal phone of White House chief of staff Susie Wiles, and used the information to contact other top officials and impersonate her. Wiles reportedly told people that her phone was hacked. The Wall Street Journal first reported the hack of Wiles' phone. CBS News also confirmed the reporting. The hacker or hackers are said to have accessed Wiles' phone contacts, including the phone numbers of other top U.S. officials and influential individuals. The WSJ reports that those who received phone calls impersonating Wiles used AI to impersonate her voice and sent text messages from a number not associated with Wiles. White House spokesperson Anna Kelly would not say, when asked by TechCrunch, if authorities had determined if a cloud account associated with Wiles' personal device was compromised, or if Wiles' phone was targeted by a more advanced cyberattack, such as one that involves the use of government-grade spyware. In response, the White House said it "takes the cybersecurity of all staff very seriously, and this matter continues to be investigated." This is the second time Wiles has been targeted by hackers. In 2024, The Washington Post reported that Iranian hackers had attempted to compromise Wiles' personal email account. The Journal said Friday, citing sources, the hackers were in fact successful in breaking into her email and obtained a dossier on Vice President JD Vance, then Trump's running mate. This is the latest cybersecurity incident to beset the Trump administration in the months since taking office. In March, former White House top national security adviser Michael Waltz mistakenly added a journalist to a Signal group of top White House officials, including Vance and Wiles, which included discussions of a planned military air-strike in Yemen. Reports later revealed that the government officials were using a Signal clone app called TeleMessage, which was designed to keep a copy of messages for government archiving. TeleMessage was subsequently hacked on at least two occasions, revealing the contents of its users' private messages. Error in retrieving data Sign in to access your portfolio Error in retrieving data
Yahoo
23-05-2025
- Politics
- Yahoo
The Trump Administration's Chat Hack Is Starting to Sound Really Bad
President Donald Trump's national security adviser Mike Waltz has already been ousted for using a bottom-shelf Signal clone for official messaging — but the fallout from that debacle is still getting worse and worse. As Reuters reports, a hacker who accessed information from TeleMessage, an Israeli messaging app that was sold to the government to archive messages from Signal and other services, obtained data from way more Trump officials than previously thought. It's been an especially tough year for Waltz. After being caught accidentally adding Jeffrey Goldberg, The Atlantic's editor-in-chief, to a Signal group chat about Yemeni bombing plans, the Trump adviser was photographed using TeleMessage's Signal clone during a Cabinet meeting just before news broke that it had been hacked. Though Waltz was ultimately fired , the hits have continued in his absence. With the help of the nonprofit Distributed Denial of Secrets, which publishes hacked information of interest to the public, Reuters found more than 60 government officials whose information had been accessed from TeleMessage. Those officials range from staffers with the State Department and the White House to disaster responders and Secret Service members, and although the messages the British wire reviewed were often fragmentary, its reporters were still able to see those federal employees' phone numbers. Outsiders are also corroborating. People outside the government, whose numbers were in the breached message cache, including one person who'd been applying for disaster aid and another from a financial service company, confirmed to Reuters that they had indeed been messaging with Trump administration officials. The White House, to its end, said in a statement that it was "aware of the cyber security incident" but didn't offer any additional details. As Wired reported when the TeleMessage photo was first published, it appears that the app's archiving capabilities essentially nullified any security promises from the app, which was recently purchased by an Oregon-based company called Smarsh. The person who hacked the government's Telemessage server told Wired in a followup story that breaching the app "wasn't much effort at all," and that it only took them about "15 or 20 minutes." As that hacker explained, an issue with the the app's "hashing," which is supposed to obfuscate passwords, accidentally made it easy to figure them out. Once they were in, the hacker was presented with a file literally titled "heapdump" that included the login credentials of people who used the app — and because is archiving effectively un-encrypted the messages sent, they partially accessed those too. Though the extent of this breach and other details about the scandal remain unclear, it's abundantly obvious that the Trump administration has a security problem so bad that it makes Hillary Clinton's private email server look like Fort Knox. More on Telemessage: Trump's Deportation Airline Just Got Hacked by Anonymous
Ammon
22-05-2025
- Politics
- Ammon
Communications app hacking reveals secrets of US officials' visit to Jordan
Ammon News - Reuters revealed in an investigation that the TeleMessage communication platform was subjected to a cyberattack earlier this month, targeting the data of several of its users, including Mike Waltz, former National Security Advisor to US President Donald Trump. Some of the hacked messages included information related to the movements of high-level government officials, including travel plans for US officials to the Vatican and Jordan, Reuters noted. Based on its limited review, Reuters did not uncover anything that appeared to be clearly sensitive, nor did it reveal conversations with Waltz or other government officials, some of the conversations appear to relate to travel plans for senior government officials. According to information obtained by Reuters from an American organization specializing in archiving leaked documents, the hacked database contained information for more than 60 unique government users. These included emergency response teams, Customs officials, diplomats, a White House staffer, and members of the Secret Service. Earlier this month, US President Donald Trump announced the dismissal of Mike Waltz from his position as National Security Advisor and his appointment as Ambassador to the United Nations, followed the inadvertent leak of sensitive information published in a Signal group in March regarding military attacks on the Houthi group in Yemen. The information was mistakenly passed to a journalist.
Phone Arena
22-05-2025
- Phone Arena
Over 60 White House aides used a Signal clone app. The problem is that it got hacked in 20 minutes
Have you heard of the TeleMessage app? If you keep an eye on what the US government is doing, you probably have. And you about its extremely poor security standards and a cabinet meeting several weeks ago, a photo caught then-national security adviser Mike Waltz secretly using a messaging app on his phone. It looked like Signal (popular because it's allegedly secure), but it was actually a modified version of it, called TM SGNL, made by a company named TeleMessage. Unlike Signal, TM SGNL stores copies of all messages, removing the usual privacy protections. Not good!A recent cyberattack on TeleMessage revealed a broad breach. According to Reuters, leaked data showed over 60 US government users were affected, including FEMA workers, diplomatic staff, customs officers, Secret Service members, and at least one White House official. While most of the intercepted messages appeared fragmentary and not highly sensitive, some involved travel details for senior officials. This leaked data alone could pose serious counterintelligence risks. TeleMessage, owned by Oregon-based Smarsh, has been offline since May 5 amid ongoing White House acknowledged the incident, while agencies like the Secret Service and FEMA confirmed reviews but offered limited details. This incident adds to scrutiny surrounding Waltz, who previously stirred controversy over another recent phone app screw-up. Image by PhoneArena Soon after Waltz's photo was made public, a hacker revealed they had broken into TeleMessage's systems in under 20 minutes. Wired tells the whole fascinating story. The breach was surprisingly easy due to weak password protection and outdated technology. One major flaw involved a feature called a "heap dump" – a snapshot of the system's memory – which was left open to anyone online. By downloading and searching these memory files, the hacker accessed usernames, passwords, and plain text messages from users, including staff from US Customs and Border Protection and employees of major companies like Coinbase. Further investigation revealed that TM SGNL's messages were not fully encrypted as advertised. Instead, they passed through an archive server where they were stored unprotected. Experts warn that exposing heap dump files, especially in public-facing systems, is a serious misconfiguration that can give hackers access to sensitive data. Despite these security flaws, TM SGNL was being used at high levels of government, raising concerns about how secure communication tools are selected and I'm wondering, too.
Indian Express
22-05-2025
- Politics
- Indian Express
Hacker who breached communications app used by Trump aide stole data from across US government
A hacker who breached the communications service used by former Trump national security adviser Mike Waltz earlier this month intercepted messages from a broader swathe of American officials than has previously been reported, according to a Reuters review, potentially raising the stakes of a breach that has already drawn questions about data security in the Trump administration. Reuters identified more than 60 unique government users of the messaging platform TeleMessage in a cache of leaked data provided by Distributed Denial of Secrets, a U.S. nonprofit whose stated mission is to archive hacked and leaked documents in the public interest. The trove included material from disaster responders, customs officials, several U.S. diplomatic staffers, at least one White House staffer and members of the Secret Service. The messages reviewed by Reuters covered a roughly day-long period of time ending on May 4, and many of them were fragmentary. Once little known outside government and finance circles, TeleMessage drew media attention after an April 30 Reuters photograph showed Waltz checking TeleMessage's version of the privacy-focused app Signal during a cabinet meeting. While Reuters could not verify the entire contents of the TeleMessage trove, in more than half a dozen cases the news agency was able to establish that the phone numbers in the leaked data were correctly attributed to their owners. One of the intercepted texts' recipients – an applicant for aid from the Federal Emergency Management Agency – confirmed to Reuters that the leaked message was authentic; a financial services firm whose messages were similarly intercepted also confirmed their authenticity. Based on its limited review, Reuters uncovered nothing that seemed clearly sensitive and did not uncover chats by Waltz or other cabinet officials. Some chats did seem to bear on the travel plans of senior government officials. One Signal group, 'POTUS | ROME-VATICAN | PRESS GC,' appeared to pertain to the logistics of an event at the Vatican. Another appeared to discuss U.S. officials' trip to Jordan. Reuters reached out to all the individuals it could identify seeking comment; some confirmed their identities but most didn't respond or referred questions to their respective agencies. Reuters could not ascertain how TeleMessage had been used by each agency. The service – which takes versions of popular apps and allows their messages to be archived in line with government rules – has been suspended since May 5, when it went offline 'out of an abundance of caution.' TeleMessage's owner, the Portland, Oregon-based digital communications firm Smarsh, did not respond to requests for comments about the leaked data. The White House said in a statement that it was 'aware of the cyber security incident at Smarsh' but didn't offer comment on its use of the platform. The State Department didn't respond to messages. The Secret Service said TeleMessage products had been used 'by a small subset of Secret Service employees' and that it was reviewing the situation. FEMA said in an email that it had 'no evidence' that its information had been compromised. It didn't respond when sent copies of internal FEMA messages. A CBP spokesperson repeated a past statement noting that it had disabled TeleMessage and was investigating the breach. METADATA RISK Federal contracting data shows that State and DHS have had contracts with TeleMessage in recent years, as has the Centers for Disease Control. A CDC spokesperson told Reuters in an email Monday that the agency piloted the software in 2024 to assess its potential for records management requirements 'but found it did not fit our needs.' The status of the other contracts wasn't clear. A week after that hack, the U.S. cyber defense agency CISA recommended that users 'discontinue use of the product' barring any mitigating instructions about how to use the app from Smarsh. Jake Williams, a former National Security Agency cyber specialist, said that, even if the intercepted text messages were innocuous, the wealth of metadata – the who and when of the leaked conversations and chat groups – posed a counterintelligence risk. 'Even if you don't have the content, that is a top-tier intelligence access,' said Williams, now vice president of research and development at cybersecurity firm Hunter Strategy. Waltz's prior use of Signal created a public furor when he accidentally added a prominent journalist to a Signal chat where he and other Trump cabinet officials were discussing air raids on Yemen in real time. Soon after, Waltz was ousted from his job, although not from the administration: Trump said he was nominating Waltz to be the next U.S. ambassador to the United Nations. The circumstances surrounding Waltz's use of TeleMessage haven't been publicly disclosed and neither he nor the White House has responded to questions about the matter.
