TeleMessage, the Signal Clone Used by US Government Officials, Suffers Hack
US government officials have been using a encrypted messaging app called TeleMessage, which is based on the popular Signal platform, but it has recently suffered a serious security breach. The app, which was used by National Security Advisor Mike Waltz during a recent cabinet meeting at the White House, has been temporarily suspended out of "an abundance of caution" after a hacker reportedly gained access to US government communications.
TeleMessage entered the spotlight earlier this month when it was revealed that Waltz was using the app on his smartphone during the meeting. This incident sparked concerns about the use of Signal for government business, as it is not approved for sending classified information. However, it appears that US officials decided to turn to TeleMessage, a little-known Israeli company, which provided a modified version of Signal for message archiving.
The latest development - the exploitation of a vulnerability in TeleMessage to extract messages and other details from the app's users. According to reports, data stolen by the hacker includes chats sent not just using its Signal clone, but also its versions of WhatsApp, Telegram, and WeChat. Although messages sent by members of the US cabinet via Telemessage were not included in the hacker's haul, breached data did include the contents of messages, contact details of government officials, and back-end login credentials for TeleMessage.
In addition to this, data related to the cryptocurrency exchange Coinbase, financial service provider Scotiabank, and US Customs and Border Protection was also compromised. All of which strongly suggests that TeleMessage is not properly enforcing end-to-end encryption in its archived chat logs. The company has suspended the app's operation while it investigates the security breach.
"Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation," said Smarsh, the owner of TeleMessage. "Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational."
Whatever the outcome of the investigation into the security breach, it is not likely to have much of an impact on Mike Waltz. He has no future as US National Security Advisor due to his previous security snafu with Signal.