A little-known messaging app called TeleMessage used by former Trump National Security Adviser Mike Waltz has been hacked. The company behind the app has shut down its services as it investigates the breach.
TeleMessage makes modified versions of encrypted messaging tools like Signal and WhatsApp that are designed to archive messages for government and corporate use. A hacker recently exposed serious vulnerabilities in TeleMessage’s services.
In a statement on Monday, the company said: “Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational.” Smarsh Inc., based in Portland, Oregon, owns TeleMessage.
What the hacker found in ‘about 15-20 minutes’
According to a report from 404 Media, the hacker was able to access some message contents, including direct messages and group chats from the app’s users. While not all user data was taken, the breach included sensitive communications involving government officials and financial institutions.
The hacker managed to steal snapshots of data, including:
- Message content from Signal clones and other messaging apps.
- Conversations involving high-stakes political discussions.
- Internal messages from cryptocurrency firms like Coinbase and Galaxy Digital.
- Names, emails, and phone numbers of US Customs and Border Protection (CBP) officials.
The hacker, who remains anonymous, told 404 Media: “I would say the whole process took about 15-20 minutes. It wasn’t much effort at all.” The hacker added: “If I could have found this in less than 30 minutes, then anybody else could too. And who knows how long it’s been vulnerable?”
Why this data breach is especially concerning
The breach is particularly alarming because TeleMessage modifies apps like Signal, which are typically end-to-end encrypted, to send message copies to a remote archive. That modification means messages can be intercepted if the archiving system isn’t secure.
Signal distanced itself from the app, telling 404 Media: “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”
Trump adviser’s use sparked attention
The app came under public scrutiny after a Reuters photographer captured Mike Waltz using it during a cabinet meeting. Once zoomed in, the image revealed Waltz using TeleMessage’s version of Signal. His contacts reportedly included high-profile figures such as Sen. Marco Rubio and U.S. Director of National Intelligence Tulsi Gabbard.
That incident followed a report by The Atlantic that revealed top officials had used Signal to discuss military operations. Waltz had accidentally added the outlet’s editor-in-chief to a Signal group chat, sparking concerns about operational security.
Company silence and fallout
TeleMessage had contracts with several US agencies, including the State Department and the Centers for Disease Control and Prevention, according to public procurement records.
Coinbase, whose employee data was part of the breach, said in a statement to 404 Media: “We are closely following these reports and assessing their impact on Coinbase. At this time, there is no evidence that any sensitive Coinbase customer information was accessed.”
TeleMessage CEO Guy Levit has not publicly commented. A representative from Smarsh declined to answer detailed questions about the breach. Meanwhile, TeleMessage’s website has been wiped, and service descriptions and download links that were previously available have been removed.