Signal Clone Hacked: Password & Data Theft Risk

TeleMessage Facing Renewed Exploitation Attempts

Security researchers and a U.S. government agency have reported that hackers are actively targeting a previously identified vulnerability within the TeleMessage application. The goal of these attacks is to compromise user privacy and steal sensitive data.

Previous Data Breach and Company Overview

TeleMessage, which gained attention earlier this year due to its use by former Trump administration officials, suffered a data breach as early as May. The company provides customized versions of popular messaging apps – Signal, WhatsApp, and Telegram – tailored for organizations and government entities.

These modified versions are designed to archive chat logs for legal and compliance purposes.

GreyNoise Intelligence

On Thursday, GreyNoise, a cybersecurity firm utilizing a network of sensors to monitor hacker activity, issued a warning. They have observed multiple attempts to exploit the vulnerability originally disclosed in May.

Successful exploitation of this flaw could grant attackers access to usernames, passwords, and other confidential information in plaintext.

Simplicity of the Exploit

GreyNoise researcher Howdy Fisher expressed surprise at the ease with which the vulnerability can be exploited. Fisher noted that a significant number of devices remain susceptible to this attack vector.

According to Fisher, the process of exploiting the flaw is “trivial,” and malicious actors appear to be capitalizing on this.

CISA’s Known Exploited Vulnerabilities List

In early July, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability – officially designated as CVE-2025-48927 – to its catalog of Known Exploited Vulnerabilities.

This designation confirms that hackers are actively and successfully exploiting this security flaw. However, as of now, no breaches affecting TeleMessage customers have been publicly disclosed.

The Mike Waltz Incident

TeleMessage came under scrutiny in May when then-U.S. National Security Advisor Mike Waltz inadvertently revealed his use of the app. Waltz had previously included a journalist in a sensitive group chat discussing potential military actions in Yemen.

This operational security lapse led to a scandal and ultimately contributed to Waltz’s removal from his position.

Earlier Hack and Data Theft

Following the identification of TeleMessage as the communication platform used by Waltz and other administration members, the company itself was targeted by hackers. Attackers reportedly stole the contents of private messages and group chats.

Compromised data included information from Customs and Border Protection, as well as the cryptocurrency exchange Coinbase, as reported by 404 Media.