Techly NewsGet the app

Get the latest tech news

How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes


The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.

They tried logging into secure.telemessage.com using a pair of these credentials and discovered that they had just hacked a user with an email address associated with US Customs and Border Protection, one of the agencies implementing Trump’s draconian immigration policy. At this point, the hacker says they had spent 15 to 20 minutes poking at TeleMessage’s servers, and had already compromised one of their federal government customers, along with one of the world’s biggest cryptocurrency exchanges. A 2024 post on the cloud security company Wiz’s blog lists “Exposed HeapDump file” as the number one common misconfiguration in Spring Boot Actuator.

Get the Android app

Or read this on Wired

Read more on:

Photo of minutes

minutes

Related news:

News photo

Outage leaves up to 20 pilots headed to Denver airport unable to contact air traffic control on Monday. Pilots were unable to communicate with the Denver Air Route Traffic Control Center for up to six minutes.

News photo

Mass spectrometry method identifies pathogens within minutes instead of days

News photo

Claude’s AI research mode now runs for up to 45 minutes before delivering reports

« Ubuntu 25.04 Delivers Decisive Lead Over Fedora 42 For Ampere Altra Performance
Anatomy of a $70M Auction Flop »