Mike Waltz’s signal clone was caught by direct access to user chats
Communication Program The TeleMessage signal, which is used by a senior Trump administration for archive messages, has already been violated by security defects, leading its parent company to conduct a service pause this week. Now, according to new and accurate findings from Mica Lee’s journalist and security researcher, the TM signal archive feature fundamentally undermines the signal flagship security guarantees, sending a message between the application and the user’s message archive without an end encryption, thus making users’ communication available.
Lee performed a detailed analysis of the Android source code TM signal to evaluate the design and security of the program. In collaboration with 404 media, he had previously announced the TM signal hacking, showing some user messages and other data – a clear sign that at least some data is sent without encryption or as inappropriate text, at least some time in the service. This seems to be inconsistent with TeleMessage marketing claims that TM Signal offers “end -to -end encryption of mobile phones via corporate archive”. But Lee says his latest findings indicate that the TM signal is not encrypted and that the company can access the contents of users’ chats.
Lee tells Wired: “The fact that there are logs of text confirm my hypothesis.” “The fact that the archive server was very trivial to hack someone, and that the TM signal had such a major insecurity was worse than expected.”
Telemessage is an Israeli company that finished earning a new year by the US Digital Communications Archives in the United States. TeleMessage is a federal contractor, but consumer programs it offers are not approved for use under US Federal Risk and Federal License Program or FEDRAMP.
Smarsh does not return Wired requests to comment on Lee’s findings. “TeleMessage is investigating a potential security incident. After detecting, we did so quickly to control it and engage a foreign cyber security company to support our research,” the company said on Monday.
Lee’s findings are probably noticeable to all TeleMessage users, but given that the TM signal was used by Mike Waltz, President Donald Trump’s national security adviser is of particular importance. He was photographed in a cabinet meeting last week, and it appears that the photo shows that he is in touch with other senior officials, including Vice President JD Vance, National Intelligence Director Tulsi Gabbard, and what seems to be Marco Rubio’s US Secretary of State. The TM signal is compatible with the signal and exposes the messages sent in the chat with a person who uses the TM signal, whether all participants use it or some of them use the main signal program.
Lee found that the TM signal is designed to store the signal communication data in a local database on the user’s device and then sends it to an archive server for long -term maintenance. According to him, messages are sent directly to the archive server, as it seems as simple chats in cases investigated by Lee. “The archive server has access to the SCCHAINTEXT chat logs,” he said.
Data derived from the television archive server in the hack include chat reports, usernames and text passwords, and even private encryption keys.
In a letter on Tuesday, US senator Ron Viden called for investigations into the Ministry of Justice’s equality telecommunications, claiming that it was a “serious threat to US national security”.
“Government agencies that have adopted Archiver TeleMessage have chosen the worst possible option,” Viden wrote. “They have given their users something that looks like the signal is the most secure communications communications program. But instead, senior government officials have been offered a shaky signal that creates a number of serious security and anti -monopoly threats.
