Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    They’re trying to make deep-sea mining happen

    August 24, 2025

    The Framework Desktop and Linux have shown me the path to PC gaming in the living room

    August 24, 2025

    The West Texas Measles Outbreak Has Ended

    August 24, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats
    Security

    The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats

    News RoomBy News RoomMay 8, 20254 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    The communication app TeleMessage Signal, used by at least one top Trump administration official to archive messages, has already reportedly suffered breaches that illustrate concerning security flaws and resulted in its parent company imposing a service pause this week pending investigation. Now, according to detailed new findings from the journalist and security researcher Micah Lee, TM Signal’s archiving feature appears to fundamentally undermine Signal’s flagship security guarantees, sending messages between the app and a user’s message archive without end-to-end encryption, thus making users’ communications accessible to TeleMessage.

    Lee conducted a detailed analysis of TM Signal’s Android source code to assess the app’s design and security. In collaboration with 404 Media, he had previously reported on a hack of TM Signal over the weekend, which revealed some user messages and other data—a clear sign that at least some data was being sent unencrypted, or as plaintext, at least some of the time within the service. This alone would seem to contradict TeleMessage’s marketing claims that TM Signal offers “End-to-End encryption from the mobile phone through to the corporate archive.” But Lee says that his latest findings show that TM Signal is not end-to-end encrypted and that the company could access the contents of users’ chats.

    “The fact that there are plaintext logs confirms my hypothesis,” Lee tells WIRED. “The fact that the archive server was so trivial for someone to hack, and that TM Signal had such an incredible lack of basic security, that was worse than I expected.”

    TeleMessage is an Israeli company that completed its acquisition last year by the US-based digital communications archiving company Smarsh. TeleMessage is a federal contractor, but the consumer apps it offers are not approved for use under the US government’s Federal Risk and Authorization Management Program, or FedRAMP.

    Smarsh did not return WIRED’s requests for comment about Lee’s findings. The company said on Monday, “TeleMessage is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation.”

    Lee’s findings are likely significant for all TeleMessage users but have particular significance given that TM Signal was used by President Donald Trump’s now-former national security adviser Mike Waltz. He was photographed last week using the service during a cabinet meeting, and the photo appeared to show that he was communicating with other high-ranking officials, including Vice President JD Vance, US Director of National Intelligence Tulsi Gabbard, and what appears to be US Secretary of State Marco Rubio. TM Signal is compatible with Signal and would expose messages sent in a chat with someone using TM Signal, whether all participants are using it or some are using the genuine Signal app.

    Lee found that TM Signal is designed to save Signal communication data in a local database on a user’s device and then send this to an archive server for long-term retention. The messages, he says, are sent directly to the archive server, seemingly as plaintext chat logs in the cases examined by Lee. Conducting the analysis, he says, “confirmed the archive server has access to plaintext chat logs.”

    Data taken from the TeleMessage archive server in the hack included chat logs, usernames and plaintext passwords, and even private encryption keys.

    In a letter on Tuesday, US senator Ron Wyden called for the Department of Justice to investigate TeleMessage, alleging that it is “a serious threat to US national security.”

    “The government agencies that have adopted TeleMessage Archiver have chosen the worst possible option,” Wyden wrote. “They have given their users something that looks and feels like Signal, the most widely trusted secure communications app. But instead, senior government officials have been provided with a shoddy Signal knockoff that poses a number of serious security and counterintelligence threats. The security threat posed by TeleMessage Archiver is not theoretical.”

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleCelsius founder Alex Mashinsky sentenced to 12 years in prison
    Next Article Instagram CEO testifies about competing with TikTok: ‘You’re either growing, or you’re slowly dying’

    Related Posts

    Data Brokers Face New Pressure for Hiding Opt-Out Pages From Google

    August 23, 2025

    493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds

    August 20, 2025

    Russia Is Cracking Down on End-to-End Encrypted Calls

    August 19, 2025

    The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived

    August 19, 2025

    Data Brokers Are Hiding Their Opt-Out Pages From Google Search

    August 19, 2025

    Inside the Multimillion-Dollar Gray Market for Video Game Cheats

    August 13, 2025
    Our Picks

    The Framework Desktop and Linux have shown me the path to PC gaming in the living room

    August 24, 2025

    The West Texas Measles Outbreak Has Ended

    August 24, 2025

    I Would Walk 500 Miles Wearing Any of These GoPro Cameras

    August 24, 2025

    The Rad ‘Tony Hawk’s Pro Skater 3+4’ Remasters Are $15 Off Right Now

    August 24, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    The most fun way to look through old photos

    By News RoomAugust 24, 2025

    Hi, friends! Welcome to Installer No. 95, your guide to the best and Verge-iest stuff…

    Meet Wukong, the AI Chatbot China Has Installed on Its Space Station

    August 24, 2025

    Is It Ever Legal—or Ethical—to Remove DRM?

    August 24, 2025

    A Super-Energetic Neutrino That Reached Earth in 2023 Has Been Confirmed to Be Real. But Where Did It Come From?

    August 23, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.