Attackers successfully leveraging the flaw could expose usernames, passwords, and other sensitive information in plaintext.
Multiple attacks exploiting a vulnerability in the TeleMessage platform's Signal clone app have sought to compromise users' credentials and data since the flaw's initial disclosure in May.
Threat actors successfully leveraging the flaw could expose usernames, passwords, and other sensitive information in plaintext, a report from GreyNoise revealed and reported by TechCrunch.
"I was left in disbelief at the simplicity of this exploit. After some digging, I found that many devices are still open and vulnerable to this," said GreyNoise researcher Howdy Fisher
Such a development comes after the security issue was added by CISA to its Known Exploited Vulnerabilities catalog, which recommended the remediation of the bug by July 22nd. TeleMessage had users' private messages and group chat contents recently compromised after the platform was discovered to have been utilised by officials part of the Trump administration for military strike plan discussions.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
