By Chris Menahan – Information Liberation
The Israeli-modified Signal clone Mike Waltz was photographed last week using on his phone was swiftly hacked after the story came out due to gaping security vulnerabilities.
From 404Media, “The Signal Clone the Trump Admin Uses Was Hacked”:
A hacker has breached and stolen customer data from TeleMessage, an obscure Israeli company that sells modified versions of Signal and other messaging apps to the U.S. government to archive messages, 404 Media has learned. The data stolen by the hacker contains the contents of some direct messages and group chats sent using its Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat. TeleMessage was recently the center of a wave of media coverage after Mike Waltz accidentally revealed he used the tool in a cabinet meeting with President Trump.
The hack shows that an app gathering messages of the highest ranking officials in the government—Waltz’s chats on the app include recipients that appear to be Marco Rubio, Tulsi Gabbard, and JD Vance—contained serious vulnerabilities that allowed a hacker to trivially access the archived chats of some people who used the same tool. The hacker has not obtained the messages of cabinet members, Waltz, and people he spoke to, but the hack shows that the archived chat logs are not end-to-end encrypted between the modified version of the messaging app and the ultimate archive destination controlled by the TeleMessage customer.
[…] “I would say the whole process took about 15-20 minutes,” the hacker said, describing how they broke into TeleMessage’s systems. “It wasn’t much effort at all.” […] According to public procurement records, TeleMessage has contracts with a range of U.S. government agencies, including the State Department and Centers for Disease Control and Prevention.
The hacker obtained data from U.S. Customs and Border Protection, Coinbase, Scotiabank, Galaxy Digital and Washington D.C. Metropolitan Police, 404 Media reported. They chose not to dig any further but it’s entirely possible foreign intelligence agencies extracted everything they could.
Mike Waltz and everyone using this software are presumably handing our data over not just to Israeli intelligence but the entire world.