黑客正利用TeleMessage应用中的一个漏洞窃取用户隐私数据。该漏洞曾于5月被披露,可让攻击者获取用户名、密码等敏感信息。尽管尚未有针对该应用用户的攻击报告,但美国网络安全机构已将其列为已知被利用的漏洞。 2025-7-17 16:2:23 Author: techcrunch.com(查看原文) 阅读量:16 收藏
Hackers are targeting a previously reported bug in the Signal clone app TeleMessage in an effort to steal users’ private data, according to security researchers and a U.S. government agency.
TeleMessage, which earlier this year was revealed to be used by high-ranking officials in the Trump administration, already experienced at least one data breach in May. The company markets modified versions of Signal, WhatsApp, and Telegram for corporations and government agencies that need to archive chats for legal and compliance reasons.
On Thursday, GreyNoise, a cybersecurity firm with visibility into what hackers are doing on the internet thanks to its network of sensors, published a post warning that it has seen several attempts to exploit the flaw in TeleMessage, which was originally disclosed in May.
If hackers are able to exploit the vulnerability against their targets, they could access “plaintext usernames, passwords, and other sensitive data,” according to the firm.
“I was left in disbelief at the simplicity of this exploit,” GreyNoise researcher Howdy Fisher wrote in a post analyzing the flaw. “After some digging, I found that many devices are still open and vulnerable to this.”
According to the researcher, exploiting this flaw is “trivial,” and it seems that hackers have taken notice.
Contact Us
Do you have more information about these attacks? Or about TeleMessage? We’d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
In early July, U.S. cybersecurity agency CISA listed the flaw — designated officially as CVE-2025-48927 — to its catalog of Known Exploited Vulnerabilities, a database that collects security bugs that are known to have been exploited by hackers.
In other words, CISA says hackers are successfully exploiting this bug. At this point, however, no hacks against TeleMessage customers have been publicly reported.
In May, TeleMessage, which at that point was a little-known alternative to Signal, became a household name after then-U.S. National Security Advisor Mike Waltz accidentally revealed he was using the app. Waltz had previously added a journalist to a highly sensitive group chat with other Trump administration officials, where the group discussed plans to bomb Yemen, an operational security snafu that caused a scandal leading to Waltz’s ousting.
After TeleMessage was identified as the app Waltz and others in the administration used to communicate, the company was hacked. Unknown attackers stole the contents of users’ private messages and group chats, including from Customs and Border Protection, and the cryptocurrency giant Coinbase, according to 404 Media, which first reported the hack.
TeleMessage did not immediately respond to a request for comment.
Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy. You can contact Lorenzo securely on Signal at +1 917 257 1382, on Keybase/Telegram @lorenzofb, or via email at [email protected].
如有侵权请联系:admin#unsafe.sh