Hacker Breaches Government-Approved Messaging App Used by Top Trump Officials
A recent cybersecurity breach has targeted TeleMessage, a messaging application sanctioned for government use, raising significant concerns among top advisors of former U.S. President Donald Trump. The platform, designed to archive communications for federal compliance, was taken offline following reports of unauthorized access.
TeleMessage confirmed the incident, stating that it temporarily suspended its messaging services “out of an abundance of caution.” This comes on the heels of increased scrutiny after a Reuters journalist captured an image of then-National Security Advisor Mike Waltz utilizing the app during an official cabinet meeting, prompting questions about the security of communications among executive officials.
The breach appears to have involved unauthorized access to sensitive data related to Customs and Border Protection, along with details of significant legislative efforts concerning cryptocurrency. Reports indicate that the attackers managed to exploit vulnerabilities in TeleMessage’s backend using stolen credentials, a process described as relatively straightforward and quick, taking merely 15-20 minutes to execute.
This incident highlights the potential vulnerabilities associated with using messaging apps not designed for classified communications. The MITRE ATT&CK framework outlines tactics that could be relevant in this scenario, notably initial access and credential dumping, followed by lateral movement within the system. Officials must remain vigilant as the nature of this breach raises alarms about how foreign adversaries could potentially intercept sensitive information shared among high-level government personnel.
Cabinet members and federal employees are permitted to utilize government-approved applications like TeleMessage for standard communications, yet there are stringent prohibitions against discussing classified material outside secure channels. Leaks through non-certified platforms could lead to dire consequences, underscoring the importance of adhering to cybersecurity protocols.
The images capturing Waltz’s phone revealed direct communications between him and other senior officials, including Vice President J.D. Vance and special envoy Steve Witkoff, who are engaged in complex negotiations involving geopolitical concerns. Waltz’s role was abruptly severed following the incident, as President Trump announced his nomination as U.N. Ambassador.
The White House has yet to provide an official comment on the breach, leaving uncertainty regarding further implications for national security and operational integrity in communications across government channels.
