Hackers Are Trying To Steal Passwords And Sensitive Data From Users Of Signal Clone

Hackers are targeting a antecedently reported bug successful nan Signal clone app TeleMessage successful an effort to bargain users’ backstage data, according to information researchers and a U.S. authorities agency.

TeleMessage, which earlier this twelvemonth was revealed to beryllium utilized by high-ranking officials successful nan Trump administration, already knowledgeable astatine slightest 1 information breach successful May. The institution markets modified versions of Signal, WhatsApp, and Telegram for corporations and authorities agencies that request to archive chats for ineligible and compliance reasons. 

On Thursday, GreyNoise, a cybersecurity patient pinch visibility into what hackers are doing connected nan net acknowledgment to its web of sensors, published a post informing that it has seen respective attempts to utilization nan flaw successful TeleMessage, which was primitively disclosed successful May. 

If hackers are capable to utilization nan vulnerability against their targets, they could entree “plaintext usernames, passwords, and different delicate data,” according to nan firm.

“I was near successful disbelief astatine nan simplicity of this exploit,” GreyNoise interrogator Howdy Fisher wrote successful a station analyzing nan flaw. “After immoderate digging, I recovered that galore devices are still unfastened and susceptible to this.” 

According to nan researcher, exploiting this flaw is “trivial,” and it seems that hackers person taken notice.  

In early July, U.S. cybersecurity agency CISA listed nan flaw — designated officially arsenic CVE-2025-48927 — to its catalog of Known Exploited Vulnerabilities, a database that collects information bugs that are known to person been exploited by hackers. 

In different words, CISA says hackers are successfully exploiting this bug. At this point, however, nary hacks against TeleMessage customers person been publically reported. 

In May, TeleMessage, which astatine that constituent was a little-known replacement to Signal, became a family sanction aft then-U.S. National Security Advisor Mike Waltz accidentally revealed he was utilizing nan app. Waltz had antecedently added a journalist to a highly delicate group chat pinch different Trump management officials, wherever nan group discussed plans to explosive Yemen, an operational information snafu that caused a ungraded leading to Waltz’s ousting. 

After TeleMessage was identified arsenic nan app Waltz and others successful nan management utilized to communicate, nan institution was hacked. Unknown attackers stole nan contents of users’ backstage messages and group chats, including from Customs and Border Protection, and nan cryptocurrency elephantine Coinbase, according to 404 Media, which first reported nan hack.

TeleMessage did not instantly respond to a petition for comment.