The app from Telemessage was hacked with customer data stolen.
A modified version of the Signal app used by the White House to archive data from third-party messaging apps was hacked in less than 30 minutes.
According to 404 Media, TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked with customer data stolen.
The data stolen by the hacker contains the contents of some direct messages and group chats sent using its Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat.
The hack shows that the app contained serious vulnerabilities that allowed a hacker to trivially access the archived chats of some people who used the same tool. The hack also shows that the archived chat logs are not end-to-end encrypted between the modified version of the messaging app, and the ultimate archive destination controlled by the TeleMessage customer.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
