Unofficial Signal Clone Used by Former NSA Mike Waltz Hacked, Raising Security Concerns

A shocking revelation has emerged about the unauthorized use of an unofficial Signal clone by former National Security Adviser Mike Waltz. According to a report published by tech news outlet 404 Media on Sunday, a hacker gained access to customer data from TeleMessage, a Signal-like app used by Waltz during a cabinet meeting.

The breach allegedly exposed the contents of some direct messages and group chats sent through these modified apps. While the hacker did not gain access to messages sent by Waltz or other senior officials, the attack revealed that archived chat logs were not protected by end-to-end encryption once routed from the app to the archival systems controlled by TeleMessage clients.

Among the most alarming details revealed by the hack is that chats involving high-profile figures — such as Senators Marco Rubio, Tulsi Gabbard, and JD Vance — were potentially vulnerable. The tool's design made it possible for a hacker to easily access archived messages of users outside the inner circle of top officials.

404 Media quoted the unidentified hacker, who claimed to have infiltrated TeleMessage's backend infrastructure and intercepted user messages. The hacker reportedly provided 404 Media with samples of the compromised data, some of which the outlet was able to independently verify.

The revelation of Waltz's use of TeleMessage has only amplified scrutiny of the app and its implications for national security. Waltz was removed from his position Thursday following a scandal in which he reportedly created a Signal group to share real-time updates on U.S. military actions in Yemen. The situation escalated after a journalist was accidentally added to the group, raising alarms about the careless handling of classified information.

Signal, known for its end-to-end encryption and resistance to surveillance, distanced itself from unofficial versions of its app. A Signal spokesperson stated that the company "cannot guarantee the privacy or security properties of unofficial versions of Signal."

TeleMessage is being rebranded as "Capture Mobile" by its parent company, Smarsh. Its core function is to capture and archive messages after they are decrypted, a practice meant to meet government record-keeping requirements. However, cybersecurity experts warn that such systems, if not securely implemented, can introduce serious vulnerabilities—exactly as the recent hack demonstrated.