# The Signal App Clone Used by Trump's Administration Was Hacked in Less Than 30 Minutes
The security of U.S. government officials' communications has come under the spotlight once again, as a modified Signal app used to archive data from third-party messaging apps was hacked in less than 30 minutes.
### A Clone of Signal for Archiving Purposes
TeleMessage, an Israeli company, claims to modify encrypted messaging applications so their messages can be archived securely. The company has been making headlines lately after a Reuters journalist took a photo of former U.S. National Security Adviser Mike Waltz's smartphone during a cabinet meeting. The photo revealed Waltz was using an unofficial version of Signal, apparently to message other White House officials.
### How it Works
TeleMessage markets itself to government agencies and businesses, claiming that it offers them a simple way to archive messages from encrypted platforms such as Signal and WhatsApp. U.S. government officials are required to preserve their communications to comply with data retention laws. However, those laws create a challenge because officials also have to adhere to stringent security protocols.
They’re essentially required to communicate within a private “intranet” that’s closed off from the rest of the digital world to minimize the risk of security breaches. TeleMessage says it works by making clones of the official apps. In a video posted on YouTube, it claims that it can keep Signal's end-to-end encryption and other security measures fully intact.
### The Hack
Despite the company's claims, the hack shows that TeleMessage is unable to maintain the same level of security as Signal, which has been widely praised by cybersecurity experts. The breach was first reported by 404 Media, which said the hacker was able to make off a trove of data relating to the U.S. Customs and Border Protection agency, the cryptocurrency firm Coinbase Global Inc., and various other financial institutions that appear to be using the TeleMessage clone.
The hacker did not identify any messages from White House cabinet officials, but the incident demonstrates that the archived chat logs stored by TeleMessage are not fully encrypted when sent from the cloned app to the end server where they’re archived. The server in question is said to be hosted by Amazon Web Services Inc.
### The Implications
The incident raises serious questions about what kinds of secrets may have been discussed by cabinet officials using the app, and how the archived data is being secured. It comes just weeks after it was revealed that some top U.S. officials were using the official Signal app to discuss military operations.
### How Vulnerable Was the Hack?
According to 404 Media, the hacker said he was able to breach TeleMessage’s system in about 15 to 20 minutes. He claimed that he targeted the company after learning about it from earlier media reports, saying he was “just curious” about how secure its cloned apps really are.
The hacker added that he chose not to disclose the issue to TeleMessage first, because he was worried the company might try to cover it up. “It wasn’t much effort at all,” the hacker said. “If I could have found this in less than 30 minutes then anybody else could too. And who knows how long it’s been vulnerable?”
### A Damaging Blow for TeleMessage
TeleMessage Chief Executive Guy Levit declined to comment on the report, which is likely to be extremely damaging for his company. Public records reveal that TeleMessage has contracts with dozens of U.S. government agencies, including the State Department and Centers for Disease Control and Prevention.
The incident highlights the importance of security in the digital age and serves as a reminder that even seemingly secure systems can be vulnerable to attacks.