Hackers exploited a vulnerability in Telemessage. It provides a modified version of encrypted messaging apps such as Signals, Telegram, WhatsApp, and extracts other data related to US government officials and businesses using archived messages and tools.
Telemessage was in the spotlight last week after former US national security adviser Mike Waltz was reported to be using a modified version of Telemessage version of Signal. Israel-based Telemessage, owned by Smarsh, offers clients a way to archive messages containing audio notes from encrypted apps.
The message of the cabinet members and waltz was not compromised, said 404 Media, but the hacked data contained the content of the message. Contact information for government employees. Telemedge backend login credentials. more. Data on financial service providers like U.S. Customs and Border Protection, Crypto Exchange Coinbase, and Scotiabank were extracted by hackers, the report says.
Hack revealed that the archived chat logs are not end-to-end encrypted between the modified version of the signal provided by Telemesurge and the ultimate place to store messages, 404 Media reported.
Smarsh, the company that owns Telemessage, told TechCrunch it has stopped Telemessage’s service and is investigating “potential security incidents.”
“After detection, we contained it and acted promptly and engaged with an external cybersecurity company to support the investigation,” read the statement. “Due to the abundant care, all telemedge services have been temporarily suspended. All other Smarsh products and services are fully operational.”
A Coinbase spokesperson said the company “follows these reports closely to assess their impact on Coinbase. At this time, there is no evidence that Coinbase’s sensitive customer information has been accessed that means that customer accounts are being accessed or that their customer accounts are at risk, as Coinbase does not use this tool to share passwords, seed phrases, or other data needed to access their accounts.
TechCrunch Events
Berkeley, California
|
June 5th
Book now
Signal, US Customs and Border Protection, and Scotiabank did not immediately return requests for comment.
This story has been updated to include comments from Smarsh and Coinbase.
Source link
