Latest news with #TeleMessageSignal

Knock-off Signal app Mike Waltz was caught using can be hacked in '15 to 20 minutes,' report says

Yahoo

19-05-2025

The 'knock-off' Signal app Mike Waltz was caught using, which lacks security guarantees, can be hacked in '15 to 20 minutes,' according to a report.

Days after former National Security Adviser Mike Waltz was caught in photos using a Signal dupe called TeleMessage Signal, or TM SGNL, a hacker broke into the app and was able to access sensitive data. The app, which archives copies of all messages, unlike Signal, was infiltrated easily and within a matter of minutes all thanks to a basic misconfiguration in the app, the hacker told Wired.

'I would say the whole process took about 15 to 20 minutes,' the hacker said. 'It wasn't much effort at all.'

TeleMessage, which has since temporarily suspended its services, had a weak password system and a slew of other issues that allowed the hacker to easily infiltrate. 'I first looked at the admin panel and noticed that they were hashing passwords to MD5 on the client side, something that negates the security benefits of hashing passwords, as the hash effectively becomes the password,' the hacker said.

Hashing is a security measure that transforms plain-text passwords into a seemingly random string of characters, making it difficult to determine the original password. However, TeleMessage used MD5, an inadequate version of the algorithms used to hash passwords, according to Wired.

TeleMessage was also programmed with JSP, an antiquated program to create web apps in Java, which made the hacker realize 'their security must be poor.' The hacker then utilized Feroxbuster, which locates publicly available resources on a website, to find a vulnerable URL to hack. They were then led to a Java heap dump – a snapshot of the server's memory the moment they loaded the URL – and discovered usernames and passwords of random accounts.

The hacker tried logging into the app with a random pair of credentials they had just gained access to – and eventually hacked into an account with an email address associated with US Customs and Border Protection. CBP confirmed to Wired that it was a TeleMessage customer.

The hacker was then able to read plaintext chat logs, including internal conversations from Coinbase, a popular crypto trading platform. Within 15 to 20 minutes, the hacker said they were able to compromise CBP and Coinbase, according to the report.

According to the report, the app uploaded unencrypted messages to before forwarding the messages to the customer's intended destination. This goes against TeleMessage's claims that the app uses 'end-to-end encryption from the mobile phone through to the corporate archive,' according to the report.

Additionally, according to the report, if anyone had loaded the heap dump URL as Mike Waltz was texting on the app, they would have been able to gain access to his encrypted Signal messages as well.

Waltz was Trump's National Security Adviser before being removed from his post and tapped to be the U.S. ambassador to the United Nations. The shakeup happened after Waltz accidentally added Jeffrey Goldberg, the editor-in-chief of The Atlantic, to a Signal group chat where top Trump officials were discussing imminent U.S. military strikes on Yemen. Goldberg then reported on what was supposed to be a secret dialogue between officials, including Defense Secretary Pete Hegseth and Vice President JD Vance, causing a scandal for the Trump administration. Secretary of State Marco Rubio is Trump's acting National Security Adviser until he names an official replacement.

Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked

WIRED

05-05-2025

  • Business
May 5, 2025 5:24 PM

The communications app TeleMessage, which was spotted on former US national security adviser Mike Waltz's phone, has suspended 'all services' as it investigates reports of at least one breach.

US National Security Adviser Mike Waltz checks his mobile phone while attending a cabinet meeting at the White House on April 30, 2025. Photograph: Evelyn Hockstein/Reuters

The messaging app used by at least one top Trump administration official has suspended its services following reports of hackers stealing data from the app. The company, TeleMessage, says it is now investigating the incident.

'TeleMessage is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation,' a Smarsh spokesperson tells WIRED in a statement. 'Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational.'

President Donald Trump's now-former national security adviser Mike Waltz was captured by a Reuters photographer last week using an unauthorized version of the secure communication app Signal—known as TeleMessage Signal or TM Signal—which allows users to archive their communications. Photos of Waltz using the app appear to show that he was communicating with other high-ranking officials, including Vice President JD Vance, US Director of National Intelligence Tulsi Gabbard, and US Secretary of State Marco Rubio.

Experts told WIRED on Friday that, by definition, TM Signal's archiving feature undermined the end-to-end encryption that makes the actual Signal communication app secure and private. 404 Media and independent journalist Micah Lee reported on Sunday that the app had been breached by a hacker. NBC News reported on Monday that it had reviewed evidence of an additional breach.

TeleMessage was founded in Israel in 1999 and was acquired last year by the US-based digital communications archiving company Smarsh. TeleMessage makes apparently unauthorized versions of popular communications apps that include archiving features for institutional compliance. But the company claims that its lookalikes have the same digital defenses as their legitimate counterparts, potentially giving users a false sense of security.

Waltz's app usage came under intense scrutiny last month after he appeared to have added the editor-in-chief of The Atlantic to a Signal group chat in which Trump administration officials discussed plans for a military operation. Dubbed SignalGate, the scandal ultimately preceded Waltz's ouster as national security adviser. President Trump said last week that he plans to nominate him to be ambassador to the United Nations.

TeleMessage apps are not approved for use under the US government's Federal Risk and Authorization Management Program, or FedRAMP, and yet they seem to be proliferating. Leaked data reportedly from TM Signal indicates that multiple US Customs and Border Protection agents may be using the Signal lookalike. When asked about the breach and whether CBP officers use TM Signal, the agency tells WIRED, 'We're looking into this.'

After a number of reports by Lee and 404 Media over the weekend, TeleMessage removed all content from its website on Saturday and took down their archiving service on Sunday. 'We are committed to transparency and will share updates as we are able,' the Smarsh statement adds. 'We thank our customers and partners for their trust and patience during this time.'

Since the revelation last week that Mike Waltz appeared to be using TM Signal, experts have feared that information shared on the app could jeopardize US national security.

Mike Waltz Has Somehow Gotten Even Worse at Using Signal

WIRED

02-05-2025

  • Politics
On Thursday, Reuters published a photo depicting then-United States national security advisor Mike Waltz checking his phone during a cabinet meeting held by President Trump in the White House. If you enlarge the portion of the image that captures Waltz's screen, it seems to show him using the end-to-end encrypted messaging app Signal. But if you look more closely, a notification on the screen refers to the app as 'TM SGNL.' During a White House cabinet meeting on Wednesday, then, Waltz was apparently using an Israeli-made app called TeleMessage Signal to message with people who appear to be top US officials, including JD Vance, Marco Rubio and Tulsi Gabbard.

After senior Trump administration cabinet members used vanishing Signal messages to coordinate March military strikes in Yemen—and accidentally included the editor in chief of The Atlantic in the group chat—the "SignalGate" scandal highlighted concerning breaches of traditional government "operational security" protocol as well as compliance issues with federal records retention laws. At the center of the debacle was Waltz, who was ousted by Trump as US national security advisor on Thursday. Waltz created the 'Houthi PC Small Group' chat and was the member who added top Atlantic editor Jeffrey Goldberg. "I take full responsibility. I built the group," Waltz told Fox News in late March. "We've got the best technical minds looking at how this happened," he added at the time.

SignalGate had nothing to do with Signal. The app was functioning normally and was simply being used at an inappropriate time for an incredibly sensitive discussion that should have been carried out on special-purpose, hardened federal devices and software platforms. If you're going to flout the protocols, though, Signal is (relatively speaking) a good place to do it, because the app is designed so only the senders and receivers of messages in a group chat can read them. And the app is built to collect as little information as possible about its users and their associates. This means that if US government officials were chatting on the app, spies or malicious hackers could only access their communications by directly compromising participants' devices—a challenge that is potentially surmountable, but at least limits possible access points. Using an app like TeleMessage Signal, though, presumably in an attempt to comply with data retention requirements, opens up numerous other paths for adversaries to access messages.

"I don't even know where to start with this," says Jake Williams, a former NSA hacker and vice president of research and development at Hunter Strategy. 'It's mind blowing that the federal government is using Israeli tech to route extremely sensitive data for archival purposes. You just know that someone is grabbing a copy of that data. Even if TeleMessage isn't willingly giving it up, they have just become one of the biggest nation state targets out there.'

TeleMessage was founded in Israel in 1999 by former Israel Defense Forces technologists and run out of the country until it was acquired last year by the US-based digital communications archiving company Smarsh. The service creates duplicates of communication apps that are outfitted with a 'mobile archiver' tool to record and store messages sent through the app.

'Capture, archive and monitor mobile communication: SMS, MMS, Voice Calls, WhatsApp, WeChat, Telegram & Signal,' TeleMessage says on its website. For Signal it adds, 'Record and capture Signal calls, texts, multimedia and files on corporate-issued and employee BYOD phones.' (BYOD stands for bring your own device.) In other words, there are TeleMessage versions of Signal for essentially any mainstream consumer device.

The company says that using TeleMessage Signal, users can 'Maintain all Signal app features and functionality as well as the Signal encryption,' adding that the app provides 'End-to-End encryption from the mobile phone through to the corporate archive.' The existence of 'the corporate archive,' though, undermines the privacy and security of the end-to-end encryption scheme.
