No, it’s not Molly but rather TeleMessage.
Hackers are targeting a previously reported bug in the Signal clone app TeleMessage in an effort to steal users’ private data, according to security researchers and a U.S. government agency.
TeleMessage, which earlier this year was revealed to be used by high-ranking officials in the Trump administration, already experienced at least one data breach in May. The company markets modified versions of Signal, WhatsApp, and Telegram for corporations and government agencies that need to archive chats for legal and compliance reasons.
On Thursday, GreyNoise, a cybersecurity firm with visibility into what hackers are doing on the internet thanks to its network of sensors, published a post warning that it has seen several attempts to exploit the flaw in TeleMessage, which was originally disclosed in May.
If hackers are able to exploit the vulnerability against their targets, they could access “plaintext usernames, passwords, and other sensitive data,” according to the firm.
Be careful of proprietary forks!