Social Engineering: How a photo led to a sensitive data leak from the Trump administration

A Signal clone used by the US government has been hacked. The case, revealed by 404 Media, exposes serious weaknesses in a tool that was supposed to guarantee the secure archiving of communications by US officials.

The hack targeted TeleMessage, an Israeli application that partially incorporates Signal's code while adding an automatic message-archiving function. The app, sold to government agencies and financial institutions, was compromised: direct and group messages sent through its modified versions of Signal, WhatsApp, Telegram and WeChat were exfiltrated.

The stolen data includes internal exchanges from Customs and Border Protection (CBP), the crypto exchange Coinbase and other financial firms. The messages of high-ranking officials were not directly accessible, but the system's architecture theoretically allowed a much broader compromise.

A leak triggered by a photo taken at a cabinet meeting

The scandal broke when a photo taken during a Trump cabinet meeting showed Mike Waltz, then national security advisor, checking a messaging app that displayed the prompt “TM SGNL PIN”. The interface was identified as TeleMessage, which markets a Signal-based tool with backup functions for legal compliance.

A few weeks earlier, Mike Waltz had accidentally added a journalist to a group chat containing military plans. This double exposure led to his removal, immediately followed by his nomination as ambassador to the UN.

Modified Signal, compromised encryption

TeleMessage presents itself as a “compliant” tool that archives exchanges to meet regulatory requirements. But unlike Signal, its end-to-end encryption does not extend to the final storage: the archive receives messages only after they have been decrypted on the client. The user can even automatically forward messages to third-party systems (such as an email address), opening the way to unsecured interception.

The app is built on a Signal fork, without validation by or any official partnership with Signal. The Signal team also said they were unaware of TeleMessage's existence before the case became public.

Opaque federal adoption

TeleMessage, founded in Israel in 1999 and later acquired by Smarsh, has obtained several US public contracts, including a $2.1 million contract signed in 2023 with FEMA, an agency of the Department of Homeland Security.

This illustrates institutional shadow IT: tools not vetted by central authorities but introduced locally for convenience or compliance. Such practices, outside the framework of validated solutions, weaken collective security guarantees.

A false sense of compliance

TeleMessage rests on a model of compliant but unsecured archiving. By meeting the retention standards imposed by regulators, the tool undermines the confidentiality promise of the original app. Encryption becomes partial, broken between the sender and the storage.
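To make the architectural point of this section and of the earlier "Modified Signal, compromised encryption" section concrete, here is an added toy model written for this page; it is not TeleMessage's or Signal's code. It assumes a pre-shared pairwise key in place of Signal's key agreement, a toy encrypt-then-MAC cipher in place of a real AEAD, and hypothetical Relay and Archive classes standing in for the messaging server and the compliance archive (or the email address messages are forwarded to). The sample messages are constructed, not leaked content. With unmodified clients, dumping the relay yields nothing readable; with the archiving fork, the same traffic is readable in full from the archive, which is exactly where a compromise of the archiving service lands.

```python
"""Toy model of "compliant but unsecured" archiving breaking end-to-end
encryption. Added illustration, not TeleMessage or Signal code: the cipher is
a toy (HMAC-SHA256 keystream + HMAC tag) standing in for a real AEAD, the
pre-shared session key stands in for Signal's key agreement, and Relay and
Archive are hypothetical stand-ins for the messaging server and the
compliance archive."""
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Deterministic keystream: concatenated HMAC(key, nonce || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; anything tampered in transit is rejected."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class Relay:
    """Messaging server: forwards blobs and keeps a copy of everything it sees."""
    def __init__(self):
        self.seen = []

    def forward(self, blob: bytes) -> bytes:
        self.seen.append(blob)
        return blob


class Archive:
    """Compliance archive, or the third-party mailbox messages are forwarded to."""
    def __init__(self):
        self.records = []

    def store(self, text: bytes) -> None:
        self.records.append(text)


class Client:
    """Unmodified client: only the two endpoints ever hold plaintext."""
    def __init__(self, key: bytes, relay: Relay):
        self.key, self.relay = key, relay

    def send(self, msg: bytes) -> bytes:
        return self.relay.forward(encrypt(self.key, msg))

    def receive(self, blob: bytes) -> bytes:
        return decrypt(self.key, blob)


class ArchivingClient(Client):
    """Fork with 'compliance' archiving: decrypts locally, then copies plaintext out."""
    def __init__(self, key: bytes, relay: Relay, archive: Archive):
        super().__init__(key, relay)
        self.archive = archive

    def send(self, msg: bytes) -> bytes:
        self.archive.store(msg)          # plaintext leaves the E2E boundary here
        return super().send(msg)

    def receive(self, blob: bytes) -> bytes:
        msg = super().receive(blob)
        self.archive.store(msg)          # and here
        return msg


# Constructed sample traffic for the demo, not real leaked content.
MESSAGES = [b"CBP ops: revised shift roster attached", b"Coinbase: wire transfer approved"]


def leaks(store: list, messages: list) -> list:
    """Messages recoverable by someone who dumps a store without holding the key."""
    return [m for m in messages if any(m in item for item in store)]


def run_scenario(archiving: bool) -> dict:
    """Push the sample traffic through plain or archiving clients; report who can read it."""
    key = os.urandom(32)                 # pre-shared pairwise session key (assumption)
    relay, archive = Relay(), Archive()
    if archiving:
        alice = ArchivingClient(key, relay, archive)
        bob = ArchivingClient(key, relay, archive)
    else:
        alice, bob = Client(key, relay), Client(key, relay)
    delivered = [bob.receive(alice.send(m)) for m in MESSAGES]
    return {"delivered": delivered,
            "relay_leaks": leaks(relay.seen, MESSAGES),
            "archive_leaks": leaks(archive.records, MESSAGES)}


if __name__ == "__main__":
    for mode in (False, True):
        print("archiving fork" if mode else "unmodified client", run_scenario(mode))
```

Running the file prints both scenarios. Note that the fork does not weaken the cipher at all: tampered ciphertext is still rejected and the relay still sees only opaque blobs. What changes is that plaintext is copied outside the encrypted boundary, so the confidentiality of every message becomes that of the weakest store it is copied to.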