How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
https://www.wired.com/story/how-the-signal-knock-off-app-telemessage-got-hacked-in-20-minutes/ #TeleMessage #Messaging #Tech #Technology #Security #CyberSecurity
U.S. #CISA adds #TeleMessage TM SGNL to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/177743/hacking/u-s-cisa-adds-telemessage-tm-sgnl-to-its-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking
The breach confirms that messages sent through the altered app were vulnerable during transmission to the archive systems controlled by #TeleMessage's clients. Signal, commenting on the #Israeli clone adopted by the U.S. government, stated it "cannot guarantee the privacy or security properties of unofficial versions of Signal."
After an activist hacker breached #Israeli company #TeleMessage, they revealed that the company had slipped the #Trump administration a modified version of #Signal, later found to be storing official communications without end-to-end encryption. The hacker accessed TeleMessage's backend panel using credentials found in intercepted data, exposing archived chat logs and contact information for U.S. officials.
US Admin Signalgae App Compromised Within 20 minutes According To Anonymous Security Report
#Signalgate #USA #infosec #cybersecurity #e2ee #encryption #crypto #security #telemessage
I've gotta say, this whole #TeleMessage thing puts into pretty stark relief what a steaming pile of bullshit the #infosec product space is.
TM claimed with zero evidence, "You can add us to your secure messaging apps and they'll still be secure!" and high-security orgs needing records retention were like, "Well, they say they're secure, so let's just take their word for it and dive right in!"
Lying infosec vendors and orgs believing them are both endemic.
Sitôt modifiée, déjà trouée... 
L'appli plagiée et modifiée à partir de Signal a déjà laissé fuiter des infos de contact et des messages privés.
#signal #telemessage
https://www.theverge.com/news/661173/telemessage-signal-clone-hacked-mike-waltz
Customs and Border Protection Confirms Its Use of Hacked #Signal Clone #TeleMessage
@aho Text-to-landline is different tech to the Israeli->US firm's Signal app offshoot, but it signifies that the mothership firm of #TeleMessage, Messaging International PLC based in Londongrad, was trusted by the russians to cater to the latter's domestic network market, probably at source code level.
I'm certain the MI5 have been looking at that firm and its russian comms business links... 
Or more likely, investigative journalists are on the case.
Then there's been the SigmaRoc PLC "lime and limestone materials group" that curiously bought totally unrelated communications assets... 
The gun's not exactly smoking but merely smells of makhorka.
Let the #TeleMessage #Signal clone hack be a reminder that there’s no such thing as a backdoor for the good guys. A backdoor is a backdoor is a backdoor. If there’s one, a bad guy will eventually find it.
The #Signal Clone the #Trump Admin Uses Was Hacked
https://www.404media.co/the-signal-clone-the-trump-admin-uses-was-hacked/
@heidilifeldman When I first learned that the Signal copy (?) they used was called "Telemessage" I was fully expecting it to be work by the people who'd created "Telegram"... i.e. russians.
Signal of course is Open Source so building something clonish isn't rocket science, but after tweaks, additions and time any copy is unlikely to be as secure.
Turns out the company claiming to have built it is Israeli (founded in 1999) and the app was sold to some murican finance VC obviously close to MAGA in Feb 2024.
I'm still expecting the MAGA-fostering russians to be lurking somewhere behind the curtain.
#SignalGate épisode 372 : l’application #TeleMessage a été hackée
https://next.ink/brief_article/signalgate-episode-372-lapplication-telemessage-a-ete-hackee/
Après l’invitation d’un journaliste dans une boucle de discussion Signal, voilà que le conseiller à la sécurité de Donald Trump Michael Waltz se connecte à son compte TeleMessage, sous les yeux des caméras.
[…] L’entreprise israélienne TeleMessage, déclare permettre d’utiliser Signal tout en sauvegardant tous les échanges entrants et sortants à des fins d’archivage.
[…] Or, selon 404 media, TeleMessage a été hackée, permettant aux attaquants de récupérer des conversations de groupe utilisés via ses clones de #Signal, #WhatsApp ou encore #Telegram
Nun wird es etwas komplizierter. Ihr erinnert euch an #Signalgate?
Phase 1: Ein Journalist wird «aus Versehen» in einen sicherheitskritischen US-Militärchat auf #Signal eingeladen.
Phase 2: Wir lernen, dass derselbe Einlader auch militärische Infos in einem Familienchat teilt.
Phase 3: Wir finden heraus, dass dazu eine modifizierte Version der Signal-App verwendet wird.
Phase 4: Diese Version von #TeleMessage archiviert die Daten unsicher.
Etwas ausführlicher hier:
https://dnip.ch/2025/05/06/dnip-briefing-23-friends-fiction/#Signalgate-geht-in-die-zweite-Runde
»Security – Messaging app seen in use by Mike Waltz suspends service after hackers claim breach:
Mike Waltz seemed to use the app at last week's Cabinet meeting, according to a photograph published by Reuters.«
Bye grande bad dilantic clone and yes this is a good example of how security is NOT implemented in software development
Please (frantic running in background)
Be (stocks are dumped)
Patient (an admin is just blindly ripping cables)
While (CEO is desperately looking for a CISO to throw in front of a bus)
TeleMessage (Smarsh is distancing itself by trying to yeet TM into the Kuiper Belt)
Suspends “all services” (somebody is screaming “JUST SHUT IT ALL DOWN”!)
The "We've got Signal at home" app has been hacked!
TeleMessage, a Signal clone the Trump administration uses, has been hacked
#TeleMessage, an Israeli company that sells an unofficial #Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being hacked. #CyberSecurity #SignalGate #hackingnews
https://www.bleepingcomputer.com/news/security/unofficial-signal-app-used-by-trump-officials-investigates-hack/
RightToPrivacy & Tech Tips 
️
