During a recent cabinet meeting, President Donald Trump's then national security adviser, Mike Waltz, must have been bored. Apparently unaware of the photographer behind him, he was caught clandestinely checking his Signal messages under the table.
Only he wasn't using the official Signal app, which is widely considered to be the gold standard of encrypted messaging apps. He was actually using a clone of Signal called TeleMessage Signal, or TM SGNL. This app, made by TeleMessage (which was recently acquired by Smarsh), works in almost exactly the same way as Signal, except that it also archives copies of all the messages passing through it, shattering all of its security guarantees.
Two days after the photo of Waltz was published, an anonymous source told me that they had hacked TeleMessage. "I would say the whole process took about 15 to 20 minutes," the hacker said, as Joseph Cox and I reported in 404 Media. "It wasn't much effort at all." Representatives from TeleMessage and Smarsh did not respond to a request for comment.
Please select this link to read the complete article from WIRED.