Lousy Smarsh weather Signal clone used by Trump official stops operations after report it was hacked Mike Waltz needs to find a new app. Jon Brodkin – May 5, 2025 5:37 pm | 29 National Security Advisor Michael Waltz looks at his phone as he prepares for a TV interview at the White House on May 01, 2025 in Washington, DC. Credit: Getty Images | Andrew Harnik National Security Advisor Michael Waltz looks at his phone as he prepares for a TV interview at the White House on May 01, 2025 in Washington, DC. Credit: Getty Images | Andrew Harnik Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more A messaging service used by former National Security Advisor Mike Waltz has temporarily shut down while the company investigates an apparent hack. The messaging app is used to access and archive Signal messages, but is not made by Signal itself. 404 Media reported yesterday that a hacker stole data "from TeleMessage, an obscure Israeli company that sells modified versions of Signal and other messaging apps to the US government to archive messages." 404 Media interviewed the hacker and reported that the data stolen "contains the contents of some direct messages and group chats sent using [TeleMessage's] Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat." TeleMessage is based in Israel and was acquired in February 2024 by Smarsh, a company headquartered in Portland, Oregon. Smarsh provided a statement to Ars today saying it has temporarily shut down all TeleMessage services. "TeleMessage is investigating a recent security incident," the statement said. "Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation. Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational." Last week, Waltz was photographed using the TeleMessage Signal app on his phone during a White House cabinet meeting. Waltz's ability to secure sensitive government communications has been in question since he inadvertently invited The Atlantic Editor-in-Chief Jeffrey Goldberg to a Signal chat in which top Trump administration officials discussed a plan for bombing Houthi targets in Yemen. Waltz was removed from his post late last week, with Trump nominating him to serve as ambassador to the United Nations. TeleMessage website removes Signal mentions The TeleMessage website until recently boasted the ability to "capture, archive and monitor mobile communication" through text messages, voice calls, WhatsApp, WeChat, Telegram, and Signal, as seen in an Internet Archive capture from Saturday. Another archived page says that TeleMessage "captures and records Signal calls, messages, deletions, including text, multimedia, [and] files," and "maintain[s] all Signal app features and functionality as well as the Signal encryption." The TeleMessage home page currently makes no mention of Signal, and links on the page have been disabled. The anonymous hacker who reportedly infiltrated TeleMessage told 404 Media that it took about 15 to 20 minutes and "wasn't much effort at all." While the hacker did not obtain Waltz's messages, "the hack shows that the archived chat logs are not end-to-end encrypted between the modified version of the messaging app and the ultimate archive destination controlled by the TeleMessage customer," according to 404 Media. "Data related to Customs and Border Protection (CBP), the cryptocurrency giant Coinbase, and other financial institutions are included in the hacked material, according to screenshots of messages and backend systems obtained by 404 Media," the report said. 404 Media added that the "hacker did not access all messages stored or collected by TeleMessage, but could have likely accessed more data if they decided to, underscoring the extreme risk posed by taking ordinarily secure end-to-end encrypted messaging apps such as Signal and adding an extra archiving feature to them." Jon Brodkin Senior IT Reporter Jon Brodkin Senior IT Reporter Jon is a Senior IT Reporter for Ars Technica. He covers the telecom industry, Federal Communications Commission rulemakings, broadband consumer affairs, court cases, and government regulation of the tech industry. 29 Comments