The political consultant and campaign advisor Wellman, who’s best known for his work with The Lincoln Project, seems to have broken a big story. He has a high-level contact at the Pentagon, he says, an information specialist, who got in touch with him to tell him that last month, the Trump Administration instructed senior military officials to ignore their own security regulations and install Signal on their government phones.
The source is anonymous, and I haven’t been reading Wellman long enough to have a strong sense about whether this is reliable. I have no reason to think he’s not telling the truth, but sometimes, sources lie. Could be that an experienced bureaucratic backstabber is taking advantage of the opportunity to put a shiv in someone’s back. God knows, the Trump administration has enemies, so that wouldn’t surprise me. I’m also a little puzzled about why someone would leak this to Wellman. (The obvious place to leak it is The Atlantic, but failing that, if you mean to leak, you’ll usually go for one of the big-name newspapers.) If it’s true, though, it would make sense of a few things about this story that puzzle me.
Here’s what Wellman writes:
… This story likely confirms that Signal is a primary means of communications for Trump Administration senior leaders in direct violation of the Presidential Records Act, the Espionage Act, and numerous national security regulations. It appears that much of our national security communications are vulnerable to foreign intelligence agencies to access at the highest levels of our government.
With the explosive news that senior Trump Administration officials had used a Signal chat group that included Atlantic Editor in Chief Jeffrey Goldberg to plan attacks on Yemen, questions have been raised about how prevalent the use of the off-the-shelf civilian app is. I can confirm that it has become a primary means of communication.
An anonymous senior level source in the Pentagon’s information technology field reached out to tell me that upon the arrival of newly installed senior military officials in February they were asked to install Signal on their government phones. There had already been instances where newly appointed Trump officials attempted to bring their personal phones in secure areas.
They relented on leaving their phones outside the classified spaces but demanded that [sic] CIO [chief information officer] install Signal on their government devices. One senior uniformed official told me [sic] source that, “they all use Signal and need it to communicate with the White House,” which they took to mean its [sic] being used on their personal devices already. …
I usually correct any typos I notice when I cite text, but I’m leaving them in because I’m not sure how to interpret those sentences. Does it mean that his source heard this secondhand? If so, most newspapers wouldn’t run with it unless they could confirm it. That doesn’t mean it’s not true.
What’s more, Wellman notes, we know for sure that they’re using Signal on their personal phones, too, and we know this because Steve Witkoff told us so.
Wellman’s source also said that Katie Arrington, whom Trump recently appointed deputy chief information officer for cybersecurity and chief information security officer at the DoD, issued a waiver to authorize chief information officers across the services to use Signal on their government phones—even though, at the same time, the Pentagon sent out a memo explaining why this is a bad idea.
Arrington had a similar job in the first Trump Administration. She was best known for starting a certification program to raise cybersecurity standards in the defense industry. “We cannot afford not to do this,” she said on a teleconference:
[The US is] losing US$600 billion a year to our adversaries in exfiltrations, data rights, R&D loss. If we were able to institute good cyber hygiene and we were able to reduce, let’s just say, email phishing schemes by 10 percent, think of the amount of money that we could save to truly reinvest back into our partners in the industrial base that we need to stay on the competitive edge. And the only way that we saw fit to do this was to create this [cybersecurity certification program] so we can ensure that we are doing everything we can do to buy down the risk of our adversaries stealing our hard work.
Why would someone like that issue the waiver she issued, if the story is right? Is she that cowed by her boss? Looking her up, I found that in 2022, she resigned after she was placed on leave, and her security clearances were suspended, in connection with “an alleged unauthorized disclosure of classified information.” Her attorney was Mark Zaid (whose security clearances Trump recently suspended because Zaid has handled whistleblower complaints about the Trump administration). Zaid said, at the time,
The suspension of Ms. Arrington is nothing more than a routine administrative action but she is now being victimized by delays that are unfairly causing harm to national security and her reputation.
He was probably right, or at least the government’s case wasn’t very good, because when she sued them, they settled and restored her clearances. According to court filings, the Defense Department’s internal security division acknowledged that the violation, whatever it was, did not rise to the level of a criminal offense. They nonetheless made it sound quite serious:
Regardless of whether a formal investigation was conducted and despite [the Air Force Office of Special Investigations]’s determination there was no criminal intent, you disclosed Top Secret, highly sensitive classified and protected information to unauthorized persons, via electronic means, on an unclassified network, which had the potential to inflict exceptionally grave damage to the national security of the United States.
But she was suing them, so you’d expect them to make it sound serious.
Someone who knows DC better than I do will have to figure out what on earth she was thinking.
The advantage of Signal, if you plan to break the law, is that it can be set to make messages disappear automatically.[1] Wellman’s story strongly suggests that to avoid leaving any kind of paper trail, senior officials have been using Signal to conduct all manner of government business, in flagrant violation of federal record-keeping laws and about a million and a half laws and regulations on the protection of classified information.
If it’s true that Trump administration political appointees explicitly demanded Signal be installed on government phones, it would explain something puzzling: Why have these officials been behaving the way they have? The stupidity and self-destructiveness seem to be almost beyond measure. They knew what they’d said, and they knew Goldberg had the messages, yet they called him a liar and perjured themselves: How could they have failed to realize how much worse it would look when he called their bluff, which he surely would? Between the lies and the attitude, you would conclude none of them fear being fired or prosecuted. And if indeed it was policy to conduct business over Signal, you would be right.
If you were in their shoes, you’d be pretty worried about losing your job or being sent up for violating the Espionage Act and perjury. Trump is not exactly known for his loyalty to his employees, and they've made him look bad, which he hates. But if they were doing this at his bidding, it would make more sense that they feel so confident. If he’s given them his word that they won’t be prosecuted, then sure—why not tell transparent, childish lies, under oath?
We know very well that Trump doesn’t know a thing—or give a damn—about protecting classified information. As for warnings that Russia has compromised Signal? That he’s not in the least concerned about this might be more evidence about where his loyalties lie; or it might be that he just doesn’t understand any of this. He referred to “a bad signal,” suggesting he doesn’t even know what Signal is. He just knows enough to make one thing clear: If you've got something to say, you say it in a way they can’t subpoena or FOIA.
It’s not just the Pentagon that was warning about Signal. On February 19—well before the fateful exchange—Google Threat Intelligence Group warned that Russia was specifically targeting “individuals of interest to Russia's intelligence services” on Signal:
Signals of trouble: Multiple Russia-aligned threat actors actively targeting Signal Messenger:
Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.
Signal's popularity among common targets of surveillance and espionage activity—such as military personnel, politicians, journalists, activists, and other at-risk communities—has positioned the secure messaging application as a high-value target for adversaries seeking to intercept sensitive information that could fulfill a range of different intelligence requirements. More broadly, this threat also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques. In anticipation of a wider adoption of similar tradecraft by other threat actors, we are issuing a public warning regarding the tactics and methods used to date to help build public awareness and help communities better safeguard themselves from similar threats.
The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app's legitimate "linked devices" feature that enables Signal to be used on multiple devices concurrently. Because linking an additional device typically requires scanning a quick-response (QR) code, threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim's account to an actor-controlled Signal instance. If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, providing a persistent means to eavesdrop on the victim’s secure conversations without the need for full-device compromise.
In remote phishing operations observed to date, malicious QR codes have frequently been masked as legitimate Signal resources, such as group invites, security alerts, or as legitimate device pairing instructions from the Signal website.
In more tailored remote phishing operations, malicious device-linking QR codes have been embedded in phishing pages crafted to appear as specialized applications used by the Ukrainian military.
Beyond remote phishing and malware delivery operations, we have also seen malicious QR codes being used in close-access operations. APT44 (aka Sandworm or Seashell Blizzard, a threat actor attributed by multiple governments to the Main Centre for Special Technologies (GTsST) within Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU), known commonly as the GRU) has worked to enable forward-deployed Russian military forces to link Signal accounts on devices captured on the battlefield back to actor-controlled infrastructure for follow-on exploitation.
To compromise Signal accounts using the device-linking feature, one suspected Russian espionage cluster tracked as UNC5792 (which partially overlaps with CERT-UA's UAC-0195) has altered legitimate "group invite" pages for delivery in phishing campaigns, replacing the expected redirection to a Signal group with a redirection to a malicious URL crafted to link an actor-controlled device to the victim’s Signal account.
In these operations, UNC5792 has hosted modified Signal group invitations on actor-controlled infrastructure designed to appear identical to a legitimate Signal group invite.
In each of the fake group invites, JavaScript code that typically redirects the user to join a Signal group has been replaced by a malicious block containing the Uniform Resource Identifier (URI) used by Signal to link a new device to Signal (i.e., "sgnl://linkdevice?uuid="), tricking victims into linking their Signal accounts to a device controlled by UNC5792.
UNC4221 (tracked by CERT-UA as UAC-0185) is an additional Russia-linked threat actor who has actively targeted Signal accounts used by Ukrainian military personnel. The group operates a tailored Signal phishing kit designed to mimic components of the Kropyva application used by the Armed Forces of Ukraine for artillery guidance. Similar to the social engineering approach used by UNC5792, UNC4221 has also attempted to mask its device-linking functionality as an invite to a Signal group from a trusted contact. Different variations of this phishing kit have been observed, including:
Phishing websites that redirect victims to secondary phishing infrastructure masquerading as legitimate device-linking instructions provisioned by Signal (Figure 4)
Phishing websites with the malicious device-linking QR code directly embedded into the primary Kropyva-themed phishing kit (Figure 5)
In earlier operations in 2022, UNC4221 phishing pages were crafted to appear as a legitimate security alert from Signal (Figure 6)
Notably, as a core component of its Signal targeting, UNC4221 has also used a lightweight JavaScript payload tracked as PINPOINT to collect basic user information and geolocation data using the browser's GeoLocation API. In general, we expect to see secure messages and location data to frequently feature as joint targets in future operations of this nature, particularly in the context of targeted surveillance operations or support to conventional military operations.
Wider Russian and Belarusian efforts to steal messages from Signal
Beyond targeted efforts to link additional actor-controlled devices to victim Signal accounts, multiple known and established regional threat actors have also been observed operating capabilities designed to steal Signal database files from Android and Windows devices.
APT44 has been observed operating WAVESIGN, a lightweight Windows Batch script, to periodically query Signal messages from a victim's Signal database and exfiltrate those most recent messages using Rclone (Figure 7).
As reported in 2023 by the Security Service of Ukraine (SSU) and the UK's National Cyber Security Centre (NCSC), the Android malware tracked as Infamous Chisel and attributed by the respective organizations to Sandworm, is designed to recursively search for a list of file extensions including the local database for a series of messaging applications, including Signal, on Android devices.
Turla, a Russian threat actor attributed by the United States and United Kingdom to Center 16 of the Federal Security Service (FSB) of the Russian Federation, has also operated a lightweight PowerShell script in post-compromise contexts to stage Signal Desktop messages for exfiltration (Figure 8).
Extending beyond Russia, Belarus-linked UNC1151 has used the command-line utility Robocopy to stage the contents of file directories used by Signal Desktop to store messages and attachments for later exfiltration (Figure 9).
Outlook and Implications
The operational emphasis on Signal from multiple threat actors in recent months serves as an important warning for the growing threat to secure messaging applications that is certain to intensify in the near-term. When placed in a wider context with other trends in the threat landscape, such as the growing commercial spyware industry and the surge of mobile malware variants being leveraged in active conflict zones, there appears to be a clear and growing demand for offensive cyber capabilities that can be used to monitor the sensitive communications of individuals who rely on secure messaging applications to safeguard their online activity.
As reflected in wide ranging efforts to compromise Signal accounts, this threat to secure messaging applications is not limited to remote cyber operations such as phishing and malware delivery, but also critically includes close-access operations where a threat actor can secure brief access to a target's unlocked device. Equally important, this threat is not only limited to Signal, but also extends to other widely used messaging platforms, including WhatsApp and Telegram, which have likewise factored into the targeting priorities of several of the aforementioned Russia-aligned groups in recent months. For an example of this wider targeting interest, see Microsoft Threat Intelligence's recent blog post on a COLDRIVER (aka UNC4057 and Star Blizzard) campaign attempting to abuse the linked device feature to compromise WhatsApp accounts.
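The report’s account of UNC5792’s altered group-invite pages (a device-linking URI swapped in for the redirect to a real group) suggests a simple triage check a security team can run over a suspicious “invite” page. As an added example, not code from the post or from Google’s report, assuming legitimate invites resolve to https://signal.group/#<id> and with every URI and identifier below a constructed placeholder:

```python
"""Triage a suspected Signal 'group invite' page: does it redirect to a real
group link, or to a device-linking URI that would pair another device to the
victim's account?

Added example for a phishing-triage workflow; not code from the post or from
Google's report. Assumptions: legitimate group invites resolve to
https://signal.group/#<id>, and every URI, uuid and key below is a constructed
placeholder, not real infrastructure.
"""
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The device-linking URI the report names ("sgnl://linkdevice?uuid="), with
# whatever query string follows it, terminated at whitespace or a quote/bracket.
LINKDEVICE_RE = re.compile(r"""sgnl://linkdevice\?[^\s"'<>]+""", re.IGNORECASE)
# Assumed shape of a genuine group invite link.
GROUP_LINK_RE = re.compile(r"https://signal\.group/#[A-Za-z0-9_\-]+", re.IGNORECASE)


def normalize(page: str) -> str:
    """Undo HTML entities and (double) percent-encoding so a URI that was
    hidden inside an attribute or a JavaScript string still matches."""
    text = html.unescape(page)
    for _ in range(2):
        text = unquote(text)
    return text


def triage_invite_page(page: str) -> dict:
    """Classify one page. A device-linking URI anywhere in the page wins,
    even if a real group link is also present as a decoy."""
    text = normalize(page)
    linkdevice_uris = LINKDEVICE_RE.findall(text)
    group_links = GROUP_LINK_RE.findall(text)
    # Record which query parameters each linking URI carries; the report only
    # attests 'uuid', anything else is whatever the sample happened to contain.
    params = [sorted(parse_qs(urlsplit(uri).query)) for uri in linkdevice_uris]
    if linkdevice_uris:
        verdict = "device-linking lure"
    elif group_links:
        verdict = "group invite"
    else:
        verdict = "no signal redirect found"
    return {
        "verdict": verdict,
        "linkdevice_uris": linkdevice_uris,
        "group_links": group_links,
        "linkdevice_params": params,
    }


# Constructed sample pages (placeholders, not real lures).
LEGIT_PAGE = '<script>window.location.href = "https://signal.group/#CjQKIEXAMPLEGROUPID";</script>'
# Decoy group link plus the real redirect to a linking URI; 'pub_key' is an
# assumed second parameter, only 'uuid' appears in the report.
LURE_PAGE = ('<a href="https://signal.group/#CjQKIEXAMPLEGROUPID">Join</a>'
             '<script>window.location = "sgnl://linkdevice?uuid=EXAMPLE-UUID-0000'
             '&amp;pub_key=EXAMPLEKEY";</script>')
# Same technique with the URI percent-encoded inside a meta refresh.
ENCODED_LURE_PAGE = ('<meta http-equiv="refresh" '
                     'content="0;url=sgnl%3A%2F%2Flinkdevice%3Fuuid%3DEXAMPLE-UUID-0001">')

if __name__ == "__main__":
    for name, page in [("legit", LEGIT_PAGE), ("lure", LURE_PAGE), ("encoded", ENCODED_LURE_PAGE)]:
        print(name, triage_invite_page(page)["verdict"])
```

The user-side check the report implies is the same one: an account that has been linked this way shows an extra entry under Signal’s linked-devices list, which is where a victim can unlink it.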
Whatever Trump told them, it is just astonishing that they went along with it. There’s a relatively good chance our enemies have had access to all of their exchanges for months. (They've probably worked themselves into paroxysms of paranoia about them, too.
Not possible Americanskys so stupid they put war plans on Signal, Igor. Is trap. Their top analysts have been hunched over the books for days, trying to decipher this Rosetta Stone. “Vhat could mean, ‘THIS IS WHEN THE FIRST BOMBS WILL DEFINITELY DROP?’”)
Der Spiegel reports that the officials’ contact information is all over the Internet, too—mobile phone numbers, email addresses, even passwords. Yes, passwords. Most, apparently, are still in use. They found Instagram pages, WhatsApp profiles, Signal accounts, the works. Our officials may as well have put their thoughts in skywriting.
“It was particularly easy for Der Spiegel reporters to discover Hegseth’s mobile number and email address,” they report. They found it on a commercial marketing database. His password, too:
… A search of leaked user data revealed that the email address and, in some cases, even the password associated with it, could be found in over 20 publicly accessible leaks. Using publicly available information, it was possible to verify that the email address was used just a few days ago.
The mobile number provided, meanwhile, led to a WhatsApp account that Hegseth apparently only recently deleted. The profile photo showed a shirtless Hegseth in a baseball cap and necklace. Comparisons with other photos of the US secretary of defense using facial recognition software were able to confirm that the photo on the WhatsApp profile was indeed Hegseth.
“A shirtless Hegseth in a baseball cap and necklace.” Our national humiliation is being served to us like Schnapps on Schadenfreude ice.
They found the passwords for Waltz’s email accounts the same way. Tulsi Gabbard’s data, at least, was blocked in commercial search engines. But they found her email address on Reddit (and pretty much everywhere else).
Gabbard’s email address is available in more than 10 leaks. One of those also contains a partial telephone number, which, when completed, leads to an active WhatsApp account and a Signal profile.
I’m wondering if this is how Jeffrey Goldberg was added to that conversation. It just seems too much of a coincidence, doesn’t it? Of all the gin joints in the world, it’s Jeffrey Goldberg? The editor-in-chief of a magazine that, from MAGA’s perspective, may as well be called the Deep State Journal? The man who all but served as Obama’s amanuensis, the journalist to whom John Kelly confided that Trump wished his generals were more like Hitler’s?
The Federalist, an organ that devotes itself to Trump apologetics with all the energy of Tertullian but none of the intellect, may be assumed here to be channeling the Trump administration—and this was written in January, months before the Signal leak:
That is just a hell of a coincidence, isn’t it? (The Federalist agrees: Their editor is darkly intimating on Twitter that Goldberg himself hacked into Signal.)
I've been fiddling with my phone to see whether it’s really that easy to add someone by accident. (Apologies to everyone I added to the “Just how stupid would I have to be to add Jeffrey Goldberg to this list by accident” Signal group.) You need to press the “add member to group” button, then scroll through your contacts to choose a name. Alphabetically, “Goldberg” isn’t close to any of the others. Nor are the initials “JG.” Waltz swears he’s never spoken to Goldberg, but that can be discounted. Goldberg says he may have spoken to Waltz once or twice, but it’s definitely not a regular thing. (That could be a lie, too, especially if Waltz leaks to him every now and again.) Of course, it’s perfectly believable that Waltz did, indeed, add him by accident. But it’s crummy luck.
But it’s also plausible that an intelligence service found Waltz’s email address and password online, went on a phishing expedition, and installed malware that allows them to control his phone remotely. Who might wish that conversation to be leaked? Well, who’s taking the most delight right now in the sight of those bozos squirming and twisting in the wind? Iran, for one—this has completely spoiled the administration’s plans to crow about how much tougher they are on the Houthis than Biden. They don’t want to hear the word “Houthis” again as long as they live, I’m sure. Tehran must be laughing itself senseless.
Who else is just loving this? Russia, obviously. But why, you might be thinking, would Russia want to humiliate an administration so determined to make every one of their wildest fantasies come true? (And why would they make a fool of their beloved girlfriend?) Because they don’t love her, and they don’t love us, and they never will. Because this was yet another devastating blow to our alliances, and especially to the Atlantic alliance. Because all of our attention is focused on this, instead of Ukraine, so no one is asking why Trump yet again gave away the store to Vladimir Putin. Because knowing that imbeciles are running the show is a blow to the morale of the American military, and the memory of it will sap our pilots’ confidence. Because they love humiliating us—it’s what they live for—and the opportunity was just too good to pass up.
I’m not saying I know any more than anyone else. Maybe Waltz’s finger just slipped. But would you be surprised to learn that something like that happened?
Does it need to be said that it’s a matter of utmost urgency that we know what else has been compromised? Under normal circumstances—after firing every one of them, while the Justice Department begins sorting out who should be prosecuted—we’d confiscate their phones and every other electronic device in their possession and subject them to a scrupulous forensic audit. The FBI would be extracting from every participant a detailed account of what they know about the administration’s usage of Signal, and everything else they’ve been saying to each other using the application.
But that won’t happen—not least because we’ve probably fired everyone capable of doing a forensic audit.
The White House says they’re putting Elon in charge of the investigation:
This is something of a test. If things go on as they were, and if there are no consequences for this to any of the people concerned, we’re in deeper trouble than I know how to express.
[1] Project 2025 repeatedly and explicitly advised its trainees to use systems like Signal to subvert FOIA requests. (Wellman’s readers tipped me off to this. Thank you, , , , and .) It didn’t instruct them to use Signal to discuss highly classified information, however—and these weren’t trainees.
Great work as always.
Fascinating & very informative! Now a subscriber ~ thanks for all your diligence on this critical story.