Hackers exploited a vulnerability in Telemessage. It provides a modified version of encrypted messaging apps such as Signals, Telegram, WhatsApp, and extracts other data related to US government officials and businesses using archived messages and tools.
Telemessage was in the spotlight last week after former US national security adviser Mike Waltz was reported to be using a modified version of Telemessage version of Signal. Israel-based Telemessage, owned by Smarsh, offers clients a way to archive messages containing audio notes from encrypted apps.
The message of the cabinet members and waltz was not compromised, said 404 Media, but the hacked data contained the content of the message. Contact information for government employees. Telemedge backend login credentials. more. Data on financial service providers like U.S. Customs and Border Protection, Crypto Exchange Coinbase, and Scotiabank were extracted by hackers, the report says.
Hack revealed that the archived chat logs are not end-to-end encrypted between the modified version of the signal provided by Telemesurge and the ultimate place to store messages, 404 Media reported.
Smarsh, Signal, U.S. Customs and Border Protection, Coinbase, and Scotiabank did not immediately return requests for comment.