Hacker who breached app used by Trump aide stole data from across US Government
15 points by luxpir 1 month ago | 4 comments- gnabgib 1 month agoThis isn't an exclusive, or new
DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage (652 points, 2 days ago, 183 comments) https://news.ycombinator.com/item?id=44036647
TeleMessage, used by Trump officials, can access plaintext chat logs (262 points, 15 days ago, 75 comments) https://news.ycombinator.com/item?id=43909220
- WalterGR 1 month agoIt is new. And big news.
This is a news report about the data acquired in the hack discussed in your first link. (Your second link is about a security analysis of the service but is not about <strike>the aforementioned hack or</strike> the data acquired in it.)
The data is being made available only to journalists. It’s exclusive in the sense that AP is the first to report on the data itself.
(Strictly, “exclusive” would mean that the hacking organization has agreed to show the data only to AP, but I think it’s too early to assume that.)
- gnabgib 1 month agoThis was very much spelled out in the first article by Micah (15 days ago) - if you read through.
(..)Despite their misleading marketing, TeleMessage, the company that makes a modified version of Signal used by senior Trump officials, can access plaintext chat logs from its customers.
(..)However, once they're at an endpoint, they are in plaintext (if they weren't, you wouldn't be able to read your texts).
(..)At this point, a lot of people might have access to the chat logs.
The result of the action of that person who did, who talked to Micah and 404media several weeks ago, is the DDosSecrets dump.This server was open to the public – anyone in the world could send HTTP requests to it to try to get chat logs back in a response. On Saturday, one of those people did.- WalterGR 1 month agoThanks. I fixed my comment.
- WalterGR 1 month ago
- gnabgib 1 month ago
- WalterGR 1 month ago
- 1 month ago