The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found.

Shortly after Donald Trump declared victory in November, NSO Group cofounder and majority owner Omri Lavie rushed to X to congratulate him, speaking of a “new chapter where the world goes back to common sense,” while accusing the outgoing Biden administration of being “weak.” In another tweet, he gushed in Hebrew that Republicans “won in every category: the presidency, Congress, Senate, and the popular vote.”

Lavie’s enthusiasm is understandable. His company—frequently associated with alleged human rights abuses, most recently in February when journalists in Serbia were targeted with its Pegasus spyware—had a significant stake in a Trump victory, with the hopes of regaining the ability to freely do business with US entities. In a comment to Amnesty International, NSO stated, in part, that its “commitment to maintain the highest standard of ethical conduct as well as confidentiality towards our customers is paramount and is consistent with industry norms and our legal obligations.”

The Israeli spyware vendor has been on the US Commerce Department’s “blacklist” for more than three years, meaning it cannot do business with US companies without specific government approval. NSO Group poured at least $1.8 million into an aggressive pre-election lobbying effort, focusing primarily on Republican senators and representatives, with some meetings occurring as often as eight times. Yet the company remains on the Entity List.

Now, with a new occupant in the White House, NSO Group appears to be shifting its political strategy.

The company seems to have either terminated or altered its engagement with several of its previous lobbying consultancies in Washington—some of which were closely aligned with the Democrats—and has started working with a key new lobbying partner: the Vogel Group.

Founded by Alex Vogel, who served as chief counsel to former Senate majority leader Bill Frist, the Vogel Group is providing NSO Group with “strategic advisory on cybersecurity policy matters,” according to lobbying disclosure documents filed on March 10.

The Vogel Group’s connection to the Trump administration includes areas of key interest to NSO Group. One of the Israeli spyware vendor’s new lobbyists, Jonathan Fahey, joined Vogel’s Washington, DC, office as a principal on January 29 and served in various roles during Trump's first term, including acting director and acting principal legal adviser at Immigration and Customs Enforcement, deputy assistant secretary at the Department of Homeland Security, and general counsel to the White House Office of National Drug Control Policy—all three relevant departments for a company selling surveillance technology.

Another Vogel Group staffer, Hayden Jewett, is listed in disclosure records as assigned to lobby on behalf of NSO group. Jewett served as a congressional staff liaison to President Trump’s 2016 inauguration, facilitating coordination between congressional offices and the inaugural committee.

Law firm Holtzman Vogel—of which Alex Vogel is a partner—was founded by his wife, Jill Holtzman Vogel, a former Virginia state senator, a former chief counsel of the Republican National Committee (RNC), and a current principal at the Vogel Group. The firm has reportedly worked for the National Republican Senatorial Committee and the National Republican Congressional Committee and received in 2024 over $9.3 million in reported payments, with significant political funding from Republican organizations.

Holtzman Vogel also represented former Metropolitan Police Department lieutenant Andrew Zabavsky, who was pardoned by Trump in January 2025 for his conviction for obstruction of justice related to the investigation into the death of 20-year-old Karon Hylton-Brown, a case that sparked protests ahead of the 2020 US election.

Bill McGinley, a principal at the Vogel Group and former assistant to the president and cabinet secretary during Trump’s first term, left the lobbying firm after Trump appointed him to White House counsel on November 12. He was then reassigned as counsel to the so-called Department of Government Efficiency (DOGE) on December 4, only to leave on January 23.

“Lobbyists and advisers who have passed through the revolving door, having worked in the previous Trump White House or for the campaign, as well as those who are big campaign donors have a unique ability to bend the ear of the new administration,” says Dan Auble, a senior researcher at the nonprofit OpenSecrets, which tracks US political spending. “That access is very valuable.”

NSO Group spokesperson Gil Lainer declined to comment on the scope of the contract with the Vogel Group when asked by WIRED. The Vogel Group did not respond to WIRED’s request for comment.

**Closing the Circle**

NSO Group’s recent lobbying efforts appear to have mainly focused on Republican lawmakers, more than executive branch power players, particularly as the Biden administration had been engaged in a crackdown on commercial spyware. The company previously worked with several lobbying contractors, with whom it appears to have either terminated or altered its registrations.

These include its registrations under Foreign Agents Registration Act (FARA) with Pillsbury Winthrop Shaw Pittman LLP and Chartwell Strategy Group, as well as registrations under the Lobbying Disclosure Act (LDA) with law firms Paul Hastings LLP and Steptoe LLP. Pillsbury previously engaged Chartwell Strategy Group to provide NSO Group with “strategic communications counsel.” Chartwell Strategy Group has now, for the first time, registered under the LDA as a lobbyist for NSO Group, while the only current active registration of NSO Group under FARA is with Paul Hastings LLP.

Lobbyists representing foreign commercial interests—if their work is not intended to benefit a foreign government or political party—can be exempt from FARA and instead register under the LDA, which has no requirement to report specific meetings and is, overall, far less transparent than FARA.

Much of the public knowledge about NSO Group’s lobbying efforts came from FARA filings. Since both the Vogel Group and Chartwell Strategy Group are now registered under the LDA, it will now be more difficult to monitor their lobbying efforts.

Examining NSO Group's past and present consultants reveals numerous individuals who, one way or another, have been associated with the Trump administration. These people are not all lobbyists, but they do have direct connections to Trump world. They include David Tamasi, managing director at Chartwell Strategy and DC chairman of Trump’s 2016 joint fundraising committee, who bundled more than $500,000 for Trump’s campaign and the RNC in 2020, and at least $15,000 in 2024. His firm, a key player in NSO Group’s lobbying, had been actively preparing clients for Trump’s return.

Other NSO-connected figures also have close Trump ties: Bryan Lanza, a partner at Mercury Public Affairs, which consulted for the company from 2020 to 2021, is a veteran Trump ally; Michael Flynn, Trump’s former national security adviser, was paid nearly $100,000 by NSO Group’s parent firms, according to the The Washington Post, and was recently appointed by Trump to a West Point advisory board; Jeff Miller, who raised millions for Trump, received $170,000 from an NSO-linked company and was spotted at Trump’s 2024 election night event at Mar-a-Lago; and Rod Rosenstein, Trump’s former deputy attorney general, represented NSO Group in a lawsuit and previously helped justify Trump’s firing of FBI director James Comey.

Pillsbury Winthrop Shaw Pittman LLP, Chartwell Strategy Group, Paul Hastings LLP, and Steptoe LLP did not reply to WIRED’s request for comment. Nor did Flynn, Miller, or Rosenstein. Tamasi did not respond in time for publication.

**What Counts as a Win**

As of early March—before Vogel Group’s registration as a lobbyist for NSO Group—there had been no indication that the Trump administration intended to remove the company from the Entity List, according to a source familiar with the administration’s moves regarding spyware, who asked not to be named in order to discuss confidential matters. However, recent comments by NSO Group’s Lavie soft-peddled the impact of the Entity List on the company’s ability to operate in the US.

“\[The Americans\], when they say ‘blacklist,’ it sounds much more dramatic to me than it actually is,” Lavie claimed during an interview in Hebrew on an Israeli podcast following Trump’s election. He added: “You can still do business in the United States; it is definitely not a barrier for us to sell in the US.”

“In practice, we are on the list of Commerce, and what this does for us from a regulatory perspective, it simply forces American companies—if we want to buy technology from them—to ask for permission to sell us the technology. That's all,” Lavie said.

​​Lobbying efforts can target different parts of the US government. By lobbying the executive branch (the president and agencies), lobbyists can influence how laws are enforced rather than what the laws say. In contrast, when lobbying Congress, the focus is on passing, blocking, or amending laws by influencing legislators.

For example, for a company to be removed from the Entity List, it must go through a lengthy administrative process that includes a review by an interagency committee composed of representatives from the departments of Commerce, State, and Defense, among others. Although Congress could theoretically influence this process, it is not directly involved.

During the presidential transition period, NSO Group mainly focused on Congress and reached out to at least 10 Republican senators, representatives, and their staff, before beginning its outreach with the incoming administration. On February 2, the company shared its annual transparency report with Trump’s new deputy national security adviser, Alex Wong.

The Vogel Group could play a key role in supporting NSO Group if it attempts to engage with the new executive branch, including the president’s executive office, the National Security Council, and the State, Justice, and Commerce Departments, among other relevant agencies. Such engagement might aim not only at addressing NSO Group’s placement on the Entity List, but also at challenging the spyware-related visa restrictions imposed by the previous administration. In addition, the firm could potentially assist in efforts to roll back Executive Order 14093, signed by President Joe Biden, which continues to restrict the US government’s use of commercial spyware.

Asked whether the Trump administration intends to uphold the EO, White House press secretary Karoline Leavitt declined to comment.

“Much is at stake if the US revokes Executive Order 14093, an order that sets standards on US acquisition of spyware, as access to the US market, and US purchasing power, are great tools in shaping the global scope and scale of the market for spyware,” says Jen Roberts, the Atlantic Council’s associate director of the Cyber Statecraft Initiative and coauthor of a recent major report on the commercial spyware industry. Roberts also highlighted the need to better regulate US outbound investment into such technologies.

**Watching for Signs**

During Trump's first term, the FBI secretly acquired the Pegasus spyware for limited testing in 2019 and seriously contemplated its operational deployment; while during the final months of the administration in 2020, the US initiated a deal that financed the purchase of the Israeli spyware for Colombian security forces, according to the Colombian ambassador to the US and reported by Drop Site News. (The deal was finalized in 2021, after Trump left office.) In an official statement, NSO Group confirmed its dealings with Colombia but denied claims that the software was purchased irregularly. The New York Times also reported that in 2018 the CIA had purchased Pegasus for the government of Djibouti to conduct counterterrorism operations, while the Secret Service held discussions with NSO Group the same year.

The access and influence NSO Group could attain through lobbying efforts by companies like the Vogel Group and Chartwell Strategy Group could lead to a more favorable political environment and, in turn, potentially increase business opportunities under a second Trump administration—something very hard for outsiders to measure, given the opaque nature of government procurement of surveillance technologies.

In the coming weeks and months, NSO Group’s interactions with US government officials, facilitated by its lobbying, will be critical in achieving such a favorable political environment. Caroline Glick, an adviser to Israeli prime minister Benjamin Netanyahu, has also been recently lobbying the Trump White House—among others—on the matter of “request\[ing\] to check for options for lifting sanctions on Israeli technology companies,” according to reports in the Israeli media.

Experts closely monitoring the commercial spyware industry are raising the alarm about the prospect of NSO Group regaining business under Trump—further exacerbated by new reports that the company has been simultaneously pushing its interests on the international stage through the so-called Pall Mall Process, a UK- and France-led initiative to regulate such technologies.

“NSO has become a toxic brand that is widely associated not just with human rights abuses but also with national security threats to US, UK, France, and other countries,” says Natalia Krapiva, senior tech-legal counsel at civil-liberties-focused nonprofit Access Now.

Lainer, the NSO Group spokesperson, tells WIRED that the company “complies with all laws and regulations and sells only to vetted intelligence and law enforcement agencies, which use these technologies daily to prevent crime and terror attacks.” Lainer adds that NSO “has initiated and implemented the industry’s leading compliance and human rights program, which protects against misuse by government entities and investigates all credible claims of misuse”

Ultimately, the current administration will have the final say on how the US regulates NSO Group.

Senator Ron Wyden of Oregon, who has actively worked to address concerns related to surveillance and spyware, tells WIRED that “the Biden Administration blacklisted NSO” because its tool was used to “maliciously targeting journalists, human rights workers, and even US government officials around the world on behalf of foreign dictators and making all Americans less safe.”

“If Donald Trump puts the NSO Group back in business,” Wyden adds, “he'll be directly responsible for opening up new threats to our national security and enabling atrocities by foreign dictators.”

Spyware Maker NSO Group Is Paving a Path Back Into Trump’s America

Plus: Another DOGE operative allegedly has a history in the hacking world, and Donald Trump’s national security adviser apparently had way more Signal chats than previously known.

The biggest news this week is inarguably the Trump administration’s baffling tariffs, which have rattled the global economy, impacting everything from the US tech industry to literal penguins, leaving most of the world wondering what comes next. But if you’re looking for a mystery that doesn’t feel quite so, well, _existential_, look no further than Indiana University.

On March 18, the FBI raided the homes of Xiaofeng Wang, a data privacy professor and researcher who worked at the IU for more than 20 years. The same day, according to a termination email viewed by WIRED, Wang was fired from his job, and people soon noticed that he and his wife seemed to have disappeared.

A WIRED investigation found that the university was looking into whether Wang received unreported research funding from China prior to his position being terminated. IU also removed from its website Wang’s profile as well as the profile of his wife, Nianli Ma, who worked as a library systems analyst. An attorney for Wang and Ma say they are “safe,” and Wang has reportedly taken a position at a university in Singapore. As of earlier this week, the couple’s attorney was unaware of any charges against either of them.

The large language models behind generative AI tools may be black boxes, but one company’s leaky server has provided some accidental insight into how people are using these tools. The short answer? It’s not great. Security researcher Jeremiah Fowler discovered an unsecured database with more than 95,000 records linked to South Korea-based image-generation tool GeNomis. The records contained prompts for creating images, as well as some images themselves, which included de-aged pictures of celebrities like Ariana Grande and Beyoncé made to look like children, and what appeared to be AI-generated child sexual abuse material. The GeNomis website went offline hours after WIRED reached out for comment.

And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

The Trump administration has reportedly fired the director of the National Security Agency at the urging of far-right activist Laura Loomer. According to multiple reports, Loomer brought to an Oval Office meeting on Wednesday a list of about a dozen officials she claimed were insufficiently loyal to President Donald Trump. Among them were General Timothy Haugh—who led both the NSA and US Cyber Command—and his civilian deputy, Wendy Noble, who has reportedly also been removed from her post.

According to CNN, Loomer specifically targeted Haugh, arguing for his removal because he had been selected by Mark Milley, the former Joint Chiefs of Staff chairman. Milley, who publicly clashed with Trump, was quoted in a book by journalist Bob Woodward calling the former president “fascist to the core.” In a post on X, Loomer claimed that Haugh and Noble “have been disloyal to President Trump. That is why they have been fired.”

Haugh’s and Noble’s reported dismissals came just hours after several National Security Council staffers were also forced out following the Oval Office meeting that included Loomer.

Speaking aboard Air Force One on Thursday, Trump confirmed the NSC dismissals and acknowledged Loomer’s role in advising him. “She makes recommendations … and sometimes I listen to those recommendations … I listen to everybody and then I make a decision,” he said.

Loomer, who has promoted conspiracy theories about the 9/11 attacks and espoused anti-immigrant and anti-Muslim rhetoric, has become an increasingly vocal presence within Trump’s political orbit. In recent weeks, she has publicly attacked members of Trump’s own team, accusing them of undermining his agenda. “Laura Loomer is a very good patriot,” Trump said on Thursday. “She is a very strong person.”

****DOGE Operative Linked to Alleged Hacking Past****

On Monday, Reuters reported that an operative from Elon Musk’s so-called Department of Government Efficiency (DOGE) assigned to the US Justice Department was previously a hacker who ran websites distributing pirated ebooks and software. According to a Reuters review of domain registration data and archived pages from the Wayback Machine, one such site, fkn-pwnd.com, featured the slogan “Fucking Up Servers!” alongside a crude sketch of a penis.

Christopher Stanley, a 33-year-old engineer who has worked at both Musk's social media company X and space company SpaceX, is a senior adviser in the deputy attorney general's office, according to a former Justice Department official and a staff directory listing reviewed by Reuters. Starting about 10 years before joining SpaceX, Stanley allegedly ran several online forums that covered software piracy, video game cheats, and hacking. Reuters reports that he used various pseudonyms on those sites, including eNkrypt and Reneg4d3. The fkn-pwnd.com site, launched in 2006, would have been created when Stanley was in high school.

The Reuters report follows inquiries into another DOGE technologist, Edward Coristine, who worked briefly for a firm known for hiring reformed hackers, a WIRED investigation found.

****Waltz’s Team Allegedly Had at Least 20 Signal Group Chats****

Last week, The Atlantic exposed a staggering operational security failure when it reported that someone using the Signal account belong to national security adviser Mike Waltz accidentally invited the publication’s editor-in-chief to a private Signal group chat discussing a covert bombing operation in Yemen. Now, Politico reports that Waltz’s team has routinely used Signal chats—on a far broader scale than previously known—to coordinate official work on sensitive issues including Ukraine, China, Gaza, the Middle East, Africa, and Europe.

Sources who spoke to Politico on the condition of anonymity say they were directly involved in or had knowledge of at least 20 such group chats. While none of the four individuals could confirm whether classified information was shared, all said the discussions regularly included sensitive national security details. In the wake of these revelations, Waltz and other US government officials have also come under scrutiny for leaving their Venmo accounts public and reportedly using personal Gmail addresses for government business.

On Thursday, the Pentagon’s acting inspector general announced a review of defense secretary Pete Hegseth’s use of the encrypted Signal app to share plans for operations against the Houthis in Yemen.

NSA Chief Ousted Amid Trump Loyalty Firing Spree

A lawyer for Xiaofeng Wang and his wife says they are “safe” after FBI searches of their homes and Wang’s sudden dismissal from Indiana University, where he taught for over 20 years.

Before the official faculty profiles of renowned Indiana University, Bloomington (IU) data privacy professor Xiaofeng Wang and his wife disappeared and the FBI raided two of the couple’s homes last week, the school is said to have been reviewing for months whether the professor received unreported research funding from China, WIRED has learned.

Indiana University contacted Wang in December to ask about a 2017-2018 grant in China that listed Wang as a researcher, according to an unsigned statement that appears to be written by a Purdue University professor and long-time collaborator of Wang seen by WIRED. The statement says that the author believed IU was concerned that Wang allegedly failed to properly disclose the funding to the university and in applications for US federal research grants.

The statement has been circulating among cybersecurity and privacy scholars at universities around the world in recent days and was sent to WIRED by three separate sources. It claims that Wang had explained the funding situation to IU, then was told in February that the school would continue looking into the matter.

Alex Tanford, a professor emeritus at Indiana University and the IU Bloomington Chapter president of the American Association of University Professors, says Wang reached out to him and said that he had been accused of alleged research misconduct. Tanford says he provided Wang guidance as a member of the faculty board of review. IU did not answer WIRED’s questions regarding any probes into Wang.

“The charge seemed trivial—that he had failed to properly disclose who was principal investigator on a grant application and had not fully listed all his coauthors on an article,” Tanford tells WIRED of the allegations. He says Wang wanted to know if the university had the right to lock him out of his office and computer, as he was in the middle of ongoing research.

Research papers Wang published between 2017 and 2018 list funding from places like the National Science Foundation, National Institutes of Health, the US Defense Advanced Research Projects Agency, the US Army Research Office, Google, and Samsung, according to a WIRED review of his publications from the time period.

Wang regularly collaborated with researchers at the Institute of Information Engineering (IIE) at the Chinese Academy of Sciences, a government-funded cybersecurity research lab. In papers, Wang and his coauthors disclosed that the IIE scholars received funding from sources such as the National Natural Science Foundation of China, but that Wang was being supported by US grants. It’s not uncommon for professors at US institutions to collaborate with researchers in China, and there's no public evidence to suggest that the arrangements were improper.

According to the unsigned statement’s title and metadata, it appears to have been authored by Ninghui Li, a computer science professor at Purdue who has collaborated on research with Wang since at least 2006. The pair also serve together on the board of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC), which aims “to develop the information security profession by sponsoring high quality research conferences and workshops,” according to the Association for Computer Machinery’s website. Li did not respond to emailed requests for comment nor a voicemail left on his office phone.

Jason Covert, one of attorneys representing Xiaofeng Wang and his wife, Nianli Ma, a library systems analyst whose employee profile was also removed by Indiana University, tells WIRED that Wang and Ma are both “safe” and that neither of them have been arrested. Their legal team is not currently aware of any pending criminal charges against them, and while the couple’s attorneys have viewed a search warrant from the Department of Justice, Covert says they have not received a copy of the affidavit establishing probable cause.

Wang is considered among the top researchers in the field of privacy, data security, and biometric privacy, and his sudden disappearance came as a shock to many of his academic peers. Wang joined IU in 2004 and is the lead principal investigator of the multidisciplinary Center for Distributed Confidential Computing, which he established in 2022 with an almost $3 million grant from the National Science Foundation (NSF), according to a since-deleted bio on IU’s website. As part of his application for the NSF funding and other US federal research grants, Wang would have been required to disclose other grants he already received or were currently pending review.

On March 28, the FBI searched two home addresses associated with Wang. The same day, IU also reportedly terminated Wang’s job via an email sent by provost Rahul Shrivastav, which WIRED obtained and was first reported by The Indiana Daily Student. The email also said it was understood that Wang had recently accepted a position with a university in Singapore, a detail also repeated in the statement attributed to Li.

The statement says Wang planned to start at the unnamed Singaporean university on June 1, 2025, and requested a leave of absence from Indiana University in early March. But IU responded by “putting him on administrative leave, removing his IU homepage, and disabling his IU email address,” it claims.

Wang’s new job offer “would be irrelevant in any event because it is for \[the\] next academic year and would not justify firing him,” Tanford says. Terminating his employment via an email was a violation of university policy, Tanford claims, which prohibits firing a tenured professor without cause, and requires a 10-day notice and a hearing before a faculty board of review, if requested by the staff member. “The faculty is deeply concerned. If the administration can fire a tenured professor without due process and in violation of a policy approved by our trustees, none of us is safe,” he says.

Reached for comment, an IU spokesperson declined to answer detailed questions from WIRED about prior communications between the university and Wang and the school’s decision to fire him.

“Indiana University was recently made aware of a federal investigation of an Indiana University faculty member,” university spokesperson Mark Bode tells WIRED in an emailed statement. “At the direction of the FBI, Indiana University will not make any public comments regarding this investigation. In accordance with Indiana University practices, Indiana University will also not make any public comments regarding the status of this individual.”

The FBI has so far not commented on the reason for its activities surrounding Wang’s properties. In a statement sent to WIRED, Indianapolis-based spokesperson Chris Bavender says, “The FBI conducted court authorized law enforcement activity at homes in Carmel and Bloomington, Indiana last Friday. We have no further comment at this time.”

WIRED could not immediately reach Wang or Ma for comment directly, but Covert, their attorney, provided a statement on their behalf.

“Prof. Wang and Ms. Ma are thankful for the outpouring of support they have received from colleagues at Indiana University and their peers across the academic community,” the statement reads. “They look forward to clearing their names and resuming their successful careers at the conclusion of this investigation.”

To many in the academic research community, the events surrounding Wang and another Chinese-born scholar in Florida who was fired recently are reminiscent of the China Initiative, a US Department of Justice campaign launched under the first Trump administration to combat cybercrime and economic espionage. Critics accused the program of unfairly targeting Chinese-born researchers and broader Asian-immigrant and Asian-American academic communities.

The DOJ abandoned the program under the Biden administration in 2022 after it lost or withdrew charges in a number of associated cases. At the time, a top DOJ official said it had “helped give rise to a harmful perception” that there are lower standards for prosecuting conduct related to China, and people with ties to the country are treated differently. But several congressional efforts have since sought to resurrect the program or start similar law enforcement campaigns, including a 2023 bill that passed the House but not the Senate last year.

“We, like many other organizations and individuals, have broad concerns that the end of the \[China Initiative\] is just in name but does not reflect a change in fact and substance,” Jeremy Wu, the coorganizer of APA Justice, a nonprofit organization that advocates against racial profiling, said in a March webinar at the Michigan State University. Wu declined WIRED’s request to comment on the events surrounding Wang.

Matthew Green, a professor at Johns Hopkins University who specializes in cryptography and cryptographic engineering says that, while he doesn’t know Wang personally, he is troubled by how secretive Indiana University has been about the circumstances that led to his alleged firing. “This is not normal behavior by a university,” Green tells WIRED.

Green says he worries that cases like Wang’s could make young engineers from China think twice about studying at American universities, and even motivate talented researchers who have lived in the US for decades to instead consider working abroad. “We may lose a huge amount of expertise,” Green says.

Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say

Xiaofeng Wang, a longtime computer science professor at Indiana University, has disappeared along with his wife, and their profiles on the school's website were wiped ahead of recent FBI raids.

A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer, Indiana University, and had his homes raided by the FBI. No one knows why.

Xiaofeng Wang has a long list of prestigious titles. He was the associate dean for research at Indiana University's Luddy School of Informatics, Computing and Engineering, a fellow at the Institute of Electrical and Electronics Engineers and the American Association for the Advancement of Science, and a tenured professor at Indiana University at Bloomington. According to his employer, he has served as principal investigator on research projects totaling nearly $23 million over his 21 years there.

He has also coauthored scores of academic papers on a diverse range of research fields, including cryptography, systems security, and data privacy, including the protection of human genomic data. I have personally spoken to him on three occasions for articles here, here, and here.

****“None of This Is in Any Way Normal”****

In recent weeks, Wang's email account, phone number, and profile page at the Luddy School were quietly erased by his employer. Over the same time, Indiana University also removed a profile for his wife, Nianli Ma, who was listed as a lead systems analyst and programmer at the university's Library Technologies division.

As reported by The Bloomingtonian and later the The Herald-Times in Bloomington, a small fleet of unmarked cars driven by government agents descended on the Bloomington home of Wang and Ma on Friday. They spent most of the day going in and out of the house and occasionally transferred boxes from their vehicles. TV station WTHR, meanwhile, reported that a second home owned by Wang and Ma, located in Carmel, Indiana, was also searched. The station said that both a resident and an attorney for the resident were on scene during at least part of the search.

Attempts to locate Wang and Ma have so far been unsuccessful. An Indiana University spokesman didn't answer emailed questions asking if the couple was still employed by the university and why their profile pages, email addresses, and phone numbers had been removed. The spokesman provided the contact information for a spokeswoman at the FBI's field office in Indianapolis. In an email, the spokeswoman wrote: “The FBI conducted court authorized law enforcement activity at homes in Bloomington and Carmel Friday. We have no further comment at this time.”

Searches of federal court dockets turned up no documents related to Wang, Ma, or any searches of their residences. The FBI spokeswoman didn't answer questions seeking which US district court issued the warrant and when, and whether either Wang or Ma is being detained by authorities. Justice Department representatives didn't return an email seeking the same information. An email sent to a personal email address belonging to Wang went unanswered at the time this post went live. Their resident status (e.g., US citizens or green card holders) is currently unknown.

Fellow researchers took to social media over the weekend to register their concern over the series of events.

“None of this is in any way normal,” Matthew Green, a professor specializing in cryptography at Johns Hopkins University, wrote on Mastodon. He continued: “Has anyone been in contact? I hear he’s been missing for two weeks and his students can’t reach him. How does this not get noticed for two weeks???”

In the same thread, Matt Blaze, a McDevitt professor of computer science and law at Georgetown University, said, “It's hard to imagine what reason there could be for the university to scrub its website as if he never worked there. And while there's a process for removing tenured faculty, it takes more than an afternoon to do it.”

Local news outlets reported the agents spent several hours moving boxes in an out of the residences. WTHR provided the following details about the raid on the Carmel home:

_Neighbors say the agents announced "FBI, come out!" over a megaphone._

_A woman came out of the house holding a phone. A video from a neighbor shows an agent taking that phone from her. She was then questioned in the driveway before agents began searching the home, collecting evidence and taking photos._

_A car was pulled out of the garage slightly to allow investigators to access the attic._

_The woman left the house before 13News arrived. She returned just after noon accompanied by a lawyer. The group of 10 or so investigators left a few minutes later._

_The FBI would not say what they were looking for or who is under investigation. A bureau spokesperson issued a statement: “I can confirm we conducted court-authorized activity at the address in Carmel today. We have no further comment at this time.”_

_Investigators were at the house for about four hours before leaving with several boxes of evidence. 13News rang the doorbell when the agents were gone. A lawyer representing the family who answered the door told us they're not sure yet what the investigation is about._

This post will be updated if new details become available. Anyone with firsthand knowledge of events involving Wang, Ma, or the investigation into either is encouraged to contact me, preferably over Signal at DanArs.82. The email address is: dan.goodin@arstechnica.com.

_This story originally appeared on_ _Ars Technica._

Cybersecurity Professor Mysteriously Disappears as FBI Raids His Homes

An unsecured database used by a generative AI app revealed prompts and tens of thousands of explicit images—some of which are likely illegal. The company deleted its websites after WIRED reached out.

Tens of thousands of explicit AI-generated images, including AI-generated child sexual abuse material, were left open and accessible to anyone on the internet, according to new research seen by WIRED. An open database belonging to an AI image-generation firm contained more than 95,000 records, including some prompt data and images of celebrities such as Ariana Grande, the Kardashians, and Beyoncé de-aged to look like children.

The exposed database, which was discovered by security researcher Jeremiah Fowler, who shared details of the leak with WIRED, is linked to South Korea–based website GenNomis. The website and its parent company, AI-Nomis, hosted a number of image generation and chatbot tools for people to use. More than 45 GB of data, mostly made up of AI images, was left in the open.

The exposed data provides a glimpse at how AI image-generation tools can be weaponized to create deeply harmful and likely nonconsensual sexual content of adults and child sexual abuse material (CSAM). In recent years, dozens of “deepfake” and “nudify” websites, bots, and apps have mushroomed and caused thousands of women and girls to be targeted with damaging imagery and videos. This has come alongside a spike in AI-generated CSAM.

“The big thing is just how dangerous this is,” Fowler says of the data exposure. “Looking at it as a security researcher, looking at it as a parent, it’s terrifying. And it's terrifying how easy it is to create that content.”

Fowler discovered the open cache of files—the database was not password protected or encrypted—in early March and quickly reported it to GenNomis and AI-Nomis, pointing out that it contained AI CSAM. GenNomis quickly closed off the database, Fowler says, but it did not respond or contact him about the findings.

Neither GenNomis nor AI-Nomis responded to multiple requests for comment from WIRED. However, hours after WIRED contacted the organizations, websites for both companies appeared to be shut down, with the GenNomis website now returning a 404 error page.

“This example also shows—yet again—the disturbing extent to which there is a market for AI that enables such abusive images to be generated,” says Clare McGlynn, a law professor at Durham University in the UK who specializes in online- and image-based abuse. “This should remind us that the creation, possession, and distribution of CSAM is not rare, and attributable to warped individuals.”

Before it was wiped, GenNomis listed multiple different AI tools on its homepage. These included an image generator allowing people to enter prompts of images they want to create, or upload an image and include a prompt to alter it. There was also a face-swapping tool, a background remover, plus an option to turn videos into images.

“The most disturbing thing, obviously, was the child explicit images and seeing ones that were clearly celebrities reimagined as children,” Fowler says. The researcher explains that there were also AI-generated images of fully clothed young girls. He says in those instances, it is unclear whether the faces used are completely AI-generated or based on real images.

As well as CSAM, Fowler says, there were AI-generated pornographic images of adults in the database plus potential “face-swap” images. Among the files, he observed what appeared to be photographs of real people, which were likely used to create “explicit nude or sexual AI-generated images,” he says. “So they were taking real pictures of people and swapping their faces on there,” he claims of some generated images.

When it was live, the GenNomis website allowed explicit AI adult imagery. Many of the images featured on its homepage, and an AI “models” section included sexualized images of women—some were “photorealistic” while others were fully AI-generated or in animated styles. It also included a “NSFW” gallery and “marketplace” where users could share imagery and potentially sell albums of AI-generated photos. The website’s tagline said people could “generate unrestricted” images and videos; a previous version of the site from 2024 said “uncensored images” could be created.

GenNomis’ user policies stated that only “respectful content” is allowed, saying “explicit violence” and hate speech is prohibited. “Child pornography and any other illegal activities are strictly prohibited on GenNomis,” its community guidelines read, saying accounts posting prohibited content would be terminated. (Researchers, victims advocates, journalists, tech companies, and more have largely phased out the phrase “child pornography,” in favor of CSAM, over the last decade).

It is unclear to what extent GenNomis used any moderation tools or systems to prevent or prohibit the creation of AI-generated CSAM. Some users posted to its “community” page last year that they could not generate images of people having sex and that their prompts were blocked for non-sexual “dark humor.” Another account posted on the community page that the “NSFW” content should be addressed, as it “might be looked upon by the feds.”

“If I was able to see those images with nothing more than the URL, that shows me that they're not taking all the necessary steps to block that content,” Fowler alleges of the database.

Henry Ajder, a deepfake expert and founder of consultancy Latent Space Advisory, says even if the creation of harmful and illegal content was not permitted by the company, the website’s branding—referencing “unrestricted” image creation and a “NSFW” section—indicated there may be a “clear association with intimate content without safety measures.”

Ajder says he is surprised the English-language website was linked to a South Korean entity. Last year the country was plagued by a nonconsensual deepfake “emergency” that targeted girls, before it took measures to combat the wave of deepfake abuse. Ajder says more pressure needs to be put on all parts of the ecosystem that allows nonconsensual imagery to be generated using AI. “The more of this that we see, the more it forces the question onto legislators, onto tech platforms, onto web hosting companies, onto payment providers. All of the people who in some form or another, knowingly or otherwise—mostly unknowingly—are facilitating and enabling this to happen,” he says.

Fowler says the database also exposed files that appeared to include AI prompts. No user data, such as logins or usernames, were included in exposed data, the researcher says. Screenshots of prompts show the use of words such as “tiny,” “girl,” and references to sexual acts between family members. The prompts also contained sexual acts between celebrities.

“It seems to me that the technology has raced ahead of any of the guidelines or controls,” Fowler says. “From a legal standpoint, we all know that child explicit images are illegal, but that didn’t stop the technology from being able to generate those images.”

As generative AI systems have vastly enhanced how easy it is to create and modify images in the past two years, there has been an explosion of AI-generated CSAM. “Webpages containing AI-generated child sexual abuse material have more than quadrupled since 2023, and the photorealism of this horrific content has also leapt in sophistication, says Derek Ray-Hill, the interim CEO of the Internet Watch Foundation (IWF), a UK-based nonprofit that tackles online CSAM.

The IWF has documented how criminals are increasingly creating AI-generated CSAM and developing the methods they use to create it. “It’s currently just too easy for criminals to use AI to generate and distribute sexually explicit content of children at scale and at speed,” Ray-Hill says.

An AI Image Generator’s Exposed Database Reveals What People Really Used It For

Plus: Alleged Snowflake hacker will be extradited to US, internet restrictions create an information vacuum in Myanmar, and London gets its first permanent face recognition cameras.

After senior Trump administration members mistakenly included The Atlantic editor Jeffrey Goldberg in a secret group chat about bombing Houthi targets in Yemen, encrypted messaging app Signal found itself at the center of a storm this week. Some commentators criticized the app, going as far to blame it for the scandal.

But the whole affair that’s dubiously been dubbed “SignalGate” isn’t about Signal at all: Experts say officials shouldn’t invite untrusted contacts into sensitive chats and should only use authorized devices, platforms, and procedures when discussing top-secret military operations. In other words, the people who set up the chat made numerous mistakes, and they had nothing to do with how secure Signal is. In fact, Signal has seen its biggest-ever spike in US downloads as a result of the news.

In other news linked to _that_ Houthi group chat, national security adviser Mike Waltz—an account with the name “Michael Waltz” originally invited Goldberg to the group—left his Venmo account open to public view. As WIRED reported, a “Michael Waltz” Venmo account displayed the names of the adviser’s colleagues and friends, revealing people in Waltz’s wider social network. After WIRED reached out to the White House, the Waltz account hid its friends list. There’s more though: WIRED also discovered other Venmo accounts linked to officials in the Signal chat. Information about who officials associate with could be highly lucrative for foreign spies and hackers.

Elsewhere, we reported on all the ways the White House adopting Elon Musk’s Starlink as an alternative Wi-Fi network could be bad news for network security. There are also early signs in Europe that some companies are going cold on cloud services from Google, Amazon, and Microsoft, as they reassess the risks of dealing with the volatile second Trump administration. And, as crossing the United States border becomes more perilous—for both citizens and visa holders—we updated our guide to keeping your digital privacy intact when you are entering the US.

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click on the headlines to read the full stories. And stay safe out there.

**Top US Security Officials’ Passwords and Personal Phone Numbers Discovered Online**

On top of SignalGate and Venmo accounts being left exposed, German news outlet Der Spiegel reported that sensitive personal information linked to several senior Trump administration security officials is easily discoverable online. Reporters from the publication found that mobile phone numbers, email addresses, and “some” passwords for top officials could be found on the internet.

Using people-search engines and information contained in public data breaches, Der Spiegel discovered personal information belonging to Waltz, director of national intelligence Tulsi Gabbard, and Pete Hegseth, the secretary of defense. “Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn,” the news organization reported. The details were also linked to Dropbox, Microsoft Teams, Signal, and WhatsApp accounts used by the officials.

While millions of people have been caught up in online data breaches and use inadequate privacy settings on their online accounts, high-level government security officials are exposed to a broader and more severe range of online threats, particularly from nation-state hackers, than most people. Officials told the news organization that many of the accounts and personal details were no longer used or had been updated. However, messages Der Spiegel sent to WhatsApp and Signal accounts belonging to Waltz and Gabbard were delivered, the publication reported. Only after they approached the government for comment were some of the accounts restricted.

**Internet Restrictions May Hide Initial Toll of Myanmar Earthquake Damage**

On Friday, a huge 7.7-magnitude earthquake and aftershock hit Myanmar, with widespread damage being reported hundreds of miles away in Thailand. At the time of writing, at least 144 people have been confirmed dead with hundreds of others injured in Myanmar. As the first impacts of the devastating quake started to emerge, The New York Times reported that long-standing and widespread internet restrictions in worn-torn Myanmar were likely making it harder for news of the damage to be understood. Since the country’s military junta took power in 2021, connectivity within Myanmar has been widely disrupted or blocked. For instance in 2023, 13 out of Myanmar’s 14 states faced internet disruptions.

In the wake of the earthquake, more video footage and news could be seen immediately emerging from neighbouring Thailand, experts told the Times. “Compare the coverage of the earthquake in Thailand, where tremors and damage have been extensively reported, posted and documented, to Myanmar, where we still don’t have a clear picture of the extent of the damage and loss and may not for some time,” Joe Freeman from Amnesty International said. The lack of connectivity may also make the recovery and humanitarian efforts harder to coordinate, once again highlighting the vital need for people to have reliable and open access to the internet.

**Alleged Snowflake Hacker Connor Moucka Agrees to US Extradition**

Last summer’s Snowflake hacking spree, where customers of the cloud storage company had their accounts targeted, was likely one of the largest mass data exfiltrations that’s publicly known. Toward the end of 2024, Canadian authorities arrested Alexander “Connor” Moucka, 26, who allegedly used online handles such as “Waifu” and “Judische,” in connection to the hacking activity. This week, Moucka consented to be extradited to the United States to face the alleged charges. According to Cyberscoop, Moucka faces 20 federal charges, including those linked to computer fraud, wire fraud, and aggravated identity theft. Moucka is not the only person allegedly behind the Snowflake hacking, with John Binns and Cameron Wagenius being named in indictments. It is unclear when Moucka’s extradition will take place.

**London Is Getting Its First Permanent Face Recognition Cameras**

Police forces across the UK have massively increased their use of live face recognition cameras in recent years. Use of the controversial technology has historically been temporary: mounting cameras on top of police vehicles and deploying them for specific events and set periods of time. That’s now set to change with the first permanent face recognition cameras being rolled out in London. The city’s Metropolitan Police are in the process of installing fixed cameras in Croydon, in the south of the city.

“This will mean our use of LFR technology will be far more embedded as a ‘business as usual’ approach rather than relying on the availability of the LFR vans that are in high demand across London,” a police official wrote in a letter seen by The Times of London. Reportedly, the cameras will not be used continuously, only when officers are nearby to monitor potential alerts. However, privacy campaigners fear the move could be further rolled out across the city, leading to a network of permanent face recognition cameras unlike those seen in any other democratic countries.

Top Trump Officials’ Passwords and Personal Phone Numbers Discovered Online

WIRED has found four new Venmo accounts that appear to be associated with Trump officials who were in an infamous Signal chat. One made a payment with a note consisting solely of an eggplant emoji.

A number of top Trump administration officials—including four who were on a now-infamous Signal group chat—appear to have Venmo accounts that have been leaking data, including contacts and in some cases transactions, to the public. Experts say this is a potentially serious counterintelligence problem that could allow foreign intelligence services to gain insight into a target’s social network or even identify individuals who could be paid or coerced to act against them.

The officials in question include Dan Katz, chief of staff at the US Treasury; Joe Kent, President Trump’s nominee for director of the National Counterterrorism Center; and Mike Needham, counselor and chief of staff to the secretary of state. All three were participants in the “Houthi PC small group” chat in which sensitive attack plans were discussed and to which Jeffrey Goldberg, editor in chief of The Atlantic, was accidentally invited. Katz was named in it as a point of contact by Scott Bessent, the Treasury secretary; Kent by Tulsi Gabbard, the director of national intelligence, to whom Kent serves as acting chief of staff; and Needham by Marco Rubio, the secretary of state.

A fourth official with an open Venmo account—Brian McCormack, a senior staffer on the National Security Council—also appears to have been in the chat, in which a user with the screen name “Brian” lists McCormack as a point of contact for the NSC. His account went private after WIRED reached out to the NSC for comment. (“Mr. McCormack has made necessary Venmo updates for his personal privacy protection,” says NSC spokesperson James Hewitt.)

Morgan Ortagus, a former Fox News personality and deputy to Steve Witkoff—Donald Trump’s special envoy for the Middle East, who was himself in the chat—also appears to have left Venmo data exposed.

WIRED established that the accounts are almost certainly those of the government officials in question by analyzing the other accounts they were connected to, which in the cases of Katz, Kent, and Needham included accounts appearing to belong to their spouses. The Treasury Department, the National Counterterrorism Center, and the State Department did not immediately respond to requests for comment.

Some of the information revealed by the accounts is quite granular. McCormack and the accounts that appear to belong to Katz and Ortagus, for example, left not only their contact lists publicly visible but also their transactions, which are as recent as last autumn. These records reveal specific information like a 2018 payment from Katz with a note consisting solely of an eggplant emoji and how much he paid an overnight cat sitter in 2019. They also reveal McCormack’s contributions to what appears to be a get-together for veterans of the Bush-Cheney administration (“Cheney team reunion! Thank you!!”), who has reimbursed Ortagus for picnic expenses, and Kent’s connection to noted conspiracy theorist Ivan Raiklin, who calls himself “the secretary of retribution” and once created a deep state target list.

WIRED has previously reported on the partially public Venmo accounts of several of the high-ranking officials in the Houthi PC chat, including Vice President JD Vance; Mike Waltz, the national security adviser; and Susie Wiles, the White House chief of staff. Waltz and Wiles set their accounts to private only after WIRED reached out to the White House for comment on Wednesday afternoon.

Venmo did not immediately respond to WIRED’s request for comment. In a statement given to WIRED in response to questions about the Waltz and Wiles accounts, spokesperson Erin Mackey said, “We take our customers’ privacy seriously, which is why we let customers choose their privacy settings on Venmo for both their individual payments and friends lists—and we make it incredibly simple for customers to make these private if they choose to do so.”

“From my perspective, as a veteran, everyone is entitled to use the applications and services they feel are necessary to live their lives,” says Tara Lemieux, a 35-year veteran of the US intelligence community including the National Security Agency, Department of Homeland Security, and supporting agencies. “That said, when you post anything in those third-party applications and you don’t understand how that information can be shared or exploited, you are taking a risk for our nation—and that’s not acceptable.”

For Lemieux, while public transactions on Venmo might appear harmless, foreign intelligence services—particularly signals intelligence agencies—look for patterns: who’s paying whom, how often, and when. “Say they’re making payments to their children—now you have a point of leverage. If there’s someone out there looking to target you, they can use that information and start making you feel fearful for the safety of your children,” Lemieux says.

“The speed of the digital world has outpaced our ability to keep a handle on it,” she adds. “If you have all this information out there—how the heck are you going to put the toothpaste back in the tube?”

Mike Yeagley, a specialist in commercial data and its security risks, has spent over 15 years advising the US Department of Defense on how both allies and adversaries leverage what he calls “digital exhaust,” the seemingly mundane details—social connections, service transactions, and metadata trails—left behind in everyday apps. “At the highest level of our national security leadership, regardless of administration, there has to be an awareness of our data and what we project that can be discoverable,” he says.

“What’s the risk of someone at the Cabinet level using Venmo to pay their personal trainer? On the surface, it doesn’t look like much,” Yeagley says. “But now I know who that trainer is—or the gardener, or whoever—and suddenly I’ve expanded my ability to target by identifying the people around that official.”

Yeagley adds that “our adversaries are sophisticated and carnivorous in their data collection,” which means that “just the smallest bit of daylight is of interest to someone sophisticated. They will use that data point. They will build from it.”

According to Vemmo, its “contact syncing” feature allows users to upload phone contacts to the app so that they can find people they know. When these exposed Venmo accounts were set up—all before 2020—the app would display a prompt allowing users to sync their phone contacts, automatically populating their friends list with anyone in their address book already using the platform. Venmo says this functionality was deprecated more than two years ago. Today, contact syncing no longer creates connections by default. To add someone as a friend, users have to search for them, send a request, and have it accepted.

Nevertheless, according to Venmo’s privacy policy, unless users proactively change their privacy settings, their network remains visible to anyone. That means that even when a user sets their account to private, their friends list remains visible unless they take an additional step. As of publication, hiding your connections requires navigating to **Settings** > **Privacy** > **Friends List** and selecting **Private**.

_Stephen Lurie contributed reporting._

Even More Venmo Accounts Tied to Trump Officials in Signal Group Chat Left Data Public

Scandal surrounding the Trump administration’s Signal group chat has led to a landmark week for the encrypted messaging app’s adoption—its “largest US growth moment by a massive margin.”

SignalGate, as it's come to be called, may be the biggest scandal to hit the Trump administration in its first months in power. But it's been great for Signal.

Since the news broke on Monday that senior Trump administration cabinet members accidentally included the editor in chief of The Atlantic in a group chat on the Signal encrypted messaging platform where the officials were making secret plans to bomb Yemen, the ensuing news cycle and the constant mentions of Signal have led to the encrypted messaging platform doubling its usual rate of new downloads, the nonprofit organization that runs Signal tells WIRED. Given that 2025 has already been a “banner year” for Signal's growth, according to Signal's leadership, that makes this week the single biggest bump in US adoption of the app in Signal's nearly 11 years of existence.

“In Signal’s history, this is the largest US-growth moment by a massive margin,” says Jun Harada, Signal's head of growth and partnerships. “It’s mind-blowing, even on our side.”

Harada declined to give absolute numbers for Signal's user growth beyond saying that its total downloads are in the “hundreds of millions,” which has been the case for several years. But he said that the week’s rate of adoption has been twice that of a typical week for 2025, which in turn was twice that of a typical week the same time last year. “It happened immediately” after The Atlantic broke the story of Signal's use in the Yemeni bombing, Harada says. “And it’s been sustained. We’ve been maintaining that rate every day.”

In Signal's history, the only comparable spike in adoption occurred when WhatsApp changed its privacy policy in 2021, Harada says, leading to millions of users abandoning that communications app. But that incident mostly brought non-Americans to Signal, unlike the current, US-focused SignalGate bump.

Numbers from the market intelligence firm Sensor Tower largely align with Signal's own analysis of that growth: The company says that Signal downloads in the US increased 105 percent compared to the prior week—and 150 percent compared to an average week in 2024. Outside of the US, Sensor Tower saw only a 21 percent increase in Signal downloads compared to the prior week.

The Atlantic's revelation on Monday that secretary of defense Pete Hegseth, director of national intelligence Tulsi Gabbard, national security adviser Michael Waltz, vice president JD Vance, and other Trump administration officials used a Signal group chat to plan an air strike against Houthi rebels in Yemen—and that Waltz accidentally added Atlantic editor Jeffrey Goldberg to that group in a shocking breach of confidentiality—has raised serious questions about the security practices of the Trump administration that are still resonating days later.

The scandal has called into question whether the executive branch officials were planning the air strike using vulnerable non-approved or even personal devices rather than the secure machines intended for classified conversations. Screenshots of the group chat published by The Atlantic on Wednesday indicate that the officials were using Signal's disappearing messages feature to delete their communications, potentially in violation of US record retention laws.

The incident has raised sometimes-misguided questions, too, about whether Signal itself is to blame for the breach—including from President Trump, who suggested in comments on Wednesday that Signal might be “defective"—despite many cybersecurity and encryption experts' recommendation of Signal as the best end-to-end encrypted messaging tool freely available to the public. “You use Signal, we use Signal, everyone uses Signal,” Trump told reporters, “but it could be a defective platform.”

Signal's Harada declined to respond to Trump's “defective” comment and pointed to Signal's previous statements that it has yet to see any evidence of any vulnerability in the app, much less one that has anything to do with Jeffrey Goldberg being accidentally added to a White House group chat.

But Harada noted that the overall attention to Signal—even the president himself saying that “everyone uses Signal” in the Oval Office—is an example of the kind of visibility it has never had before. “All awareness for Signal is a net positive. The interest in Signal continues to be at an all-time high,” Harada says.

“I don’t think my phone has ever buzzed this much, from people from every walk of life. People are learning about Signal who maybe have never even heard about or considered encrypted messaging before.” Harada also pointed to a report that Google searches for “Signal” were up more than 1,000 percent.

Harada says that Signal was already seeing a significant uptick in adoption in the first few months of 2025. He attributes that growth partly to increasing general interest in privacy among consumers and partly to the breach of nine US telecoms by China's Salt Typhoon hacker group, which led to the hackers accessing some targets' real-time calls and texts. Federal officials at the FBI and the Cybersecurity and Infrastructure Security Agency responded to those breaches by publicly recommending that Americans use encrypted messaging and calling applications.

But all of that has been dwarfed by the attention and interest Signal has received this week. As messy as SignalGate may be, Harada says, it has made Signal a household name like never before. “To have this kind of mainstream moment is massive,” he says. “I believe it’s a sea change for private encrypted messaging for the US and the world.”

SignalGate Is Driving the Most US Downloads of Signal Ever

A WIRED review shows national security adviser Mike Waltz, White House chief of staff Susie Wiles, and other top officials left sensitive information exposed via Venmo—until WIRED asked about it.

A Venmo account under the name “Michael Waltz,” carrying a profile photo of the national security adviser and connected to accounts bearing the names of people closely associated with him, was left open to the public until Wednesday afternoon. A WIRED analysis shows that the account revealed the names of hundreds of Waltz’s personal and professional associates, including journalists, military officers, lobbyists, and others—information a foreign intelligence service or other actors could exploit for any number of ends, experts say.

Among the accounts linked to “Michael Waltz” are ones that appear to belong to Susie Wiles, the White House chief of staff, and Walker Barrett, a staffer on the United States National Security Council. Both were fellow participants in a now-infamous Signal group chat called “Houthi PC small group.”

The White House declined to comment after being presented with WIRED’s findings, but the accounts appearing to belong to Waltz and Wiles went fully private following WIRED’s inquiry.

Earlier this week, The Atlantic reported that an account with the name “Michael Waltz” accidentally invited the publication’s editor in chief, Jeffrey Goldberg, to the chat, in which senior administration officials discussed plans for a strike on Yemen. (Waltz told Fox News’ Laura Ingraham he takes “full responsibility” for inviting Goldberg, adding, “We have some of the best technology minds looking at how this happened.”) Over the encrypted messaging app, which Department of Defense guidelines bar from being used for the discussion of any nonpublic defense information, the group debated whether a strike should be carried out at all. Hours after an account with the name of defense secretary Pete Hegseth shared missile targets, strike timing, and other highly sensitive operational details of a coming strike, US forces bombed Houthi targets in Yemen, reportedly killing at least 53 people.

A WIRED review of public data exposed on Venmo accounts associated with senior administration officials suggests that the Signal group chat was not an isolated mistake, but part of a broader pattern of what national security experts describe as reckless behavior by some of the most powerful people in the US government.

The Venmo account under Waltz’s name includes a 328-person friend list. Among them are accounts sharing the names of people closely associated with Waltz, such as Barrett, formerly Waltz’s deputy chief of staff when Waltz was a member of the House of Representatives, and Micah Thomas Ketchel, former chief of staff to Waltz and currently a senior adviser to Waltz and President Donald Trump.

Other accounts carry the names of a wide range of media figures, from on-air personalities like Bret Baier and Brian Kilmeade of Fox News and Brianna Keilar and Kristen Holmes of CNN to a cable news producer, a prominent national security reporter, local news anchors, documentarians, and noted conspiracy theorist Ivan Raiklin, who calls himself the “the secretary of retribution” and once created a deep state target list. (Fox News declined to comment; CNN did not respond to a request for comment.)

Many of the accounts appear to belong to local and national politicians and political operatives ranging from US representative Dan Crenshaw of Texas to a former mayor of Deltona, Florida, as well as venture capitalists, defense industry entrepreneurs, and executives like Christian Brose, the president of defense tech giant Anduril. (Crenshaw’s office and Anduril did not respond to requests for comment.)

One of the most notable appears to belong to Wiles, one of Trump’s most trusted political advisers. That account’s 182-person friend list includes accounts sharing the names of influential figures like Pam Bondi, the US attorney general, and Hope Hicks, Trump’s former White House communications director.

While none of the Venmo transactions for the account listed for Waltz, Wiles, or Barrett were publicly visible, it appears that none of them had opted out of sharing their contact list, allowing their friend lists to remain visible to the public. After WIRED reached out to the White House for comment, both Waltz and Wiles appeared to change their Venmo privacy settings to hide their friend lists.

Venmo spokesperson Erin Mackey said in a statement, “We take our customers’ privacy seriously, which is why we let customers choose their privacy settings on Venmo for both their individual payments and friends lists—and we make it incredibly simple for customers to make these private if they choose to do so.” The comment is nearly identical to the one Venmo provided to WIRED in response to a 2024 story about now-vice president JD Vance’s Venmo.

Last July, WIRED reported that Vance had left his Venmo account public, exposing a network of connections to Project 2025 architects, DOJ officials, Yale Law classmates, and far-right media figures. (While it was not reported at the time, WIRED’s analysis of that public Venmo account—and the networks of his listed friends—found that the Michael Waltz Venmo account appeared in Vance’s extended network, comprising friends and friends of friends.) According to The Atlantic, Vance was also an active participant in the Signal chat alongside Waltz, where he questioned whether the planned military operation in Yemen aligned with President Trump’s broader message on Europe.

When the Michael Waltz account was set up in 2017, the app would display a prompt allowing users to sync their phone contacts, automatically populating their friends list with anyone in their address book already using the platform. Privacy advocates, including the Electronic Frontier Foundation, criticized this design, arguing that it exposes users to unnecessary risks by making social connections public by default. It wasn’t until BuzzFeed News revealed in 2021 that then-president Joe Biden was easily found on the app that Venmo, which is owned by PayPal, added the option to hide friend lists. But that setting remains opt-in. According to its privacy policy, unless users proactively change their privacy settings, their network remains visible to anyone.

Mixed in with the high-profile names connected to the apparent Waltz Venmo account are a number of accounts appearing to belong to ordinary people, such as several doctors, real estate agents, and a tailor. These are the kinds of low-level connections that, experts say, spies look at for basic information—a relationship with a medical specialist could expose that a person is being treated for an illness that hasn’t been made public—as well as patterns, pressure points, or a way in. Experts call them “soft targets”: people who have access but aren’t protected.

For instance, when the US and Israel reportedly sabotaged Iran’s nuclear program with the Stuxnet virus, they used a control engineer’s USB stick, not one belonging to a senior official. Chinese intelligence has used similar tactics, contacting thousands of foreign citizens using LinkedIn or going after university students to get closer to US researchers and companies. While WIRED has found no evidence that foreign adversaries have used Venmo to target a US politician’s network, the platform makes these relationships visible—potentially giving adversaries a searchable map of the people around power.

“The first thing you think of is the counterintelligence issue, right? And the security vulnerabilities. It kind of boggles the mind, in a way,” says Michael Ard, a former intelligence analyst who now runs the masters program in intelligence analysis at Johns Hopkins. “It would be really easy for somebody to spoof a contact, and that is something the security industry has already been issuing notices on.”

Waltz has spent years inside the Republican national security establishment. A former Green Beret—something reflected in the number of apparent veteran Green Berets, Navy SEALs, and other special operators to whom the Venmo account bearing his name is connected—he served as a defense adviser at the Pentagon under former defense secretaries Donald Rumsfeld and Robert Gates, and later counseled US vice president Dick Cheney on counterterrorism. In 2020, following the US drone strike that killed Iranian general Qassem Soleimani, Waltz says he was part of a small group of lawmakers privately briefed at the White House.

Another participant in that thread was Hegseth. A public Venmo account under his name, identified by The American Prospect in February, revealed a similarly elite network—including names matching executives at defense firms like Palantir and Anduril as well as lobbyists and President George W. Bush–era officials. In the Signal chat, the defense secretary directly responded to Vance’s concerns: “VP: I fully share your loathing of European free-loading. It’s PATHETIC.”

Both Vance’s and Hegseth’s Venmo accounts have since been deleted.

_Jake Lahut contributed reporting._

Mike Waltz Left His Venmo Friends List Public

The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them.

The eye-popping scandal surrounding the Trump cabinet’s accidental invitation to The Atlantic’s editor in chief to join a text-message group secretly planning a bombing in Yemen has rolled into its third day, and that controversy now has a name: SignalGate, a reference to the fact that the conversation took place on the end-to-end encrypted free messaging tool Signal.

As that name becomes a shorthand for the biggest public blunder of the second Trump administration to date, however, security and privacy experts who have promoted Signal as the best encrypted messaging tool available to the public want to be clear about one thing: SignalGate is not about Signal.

Since The Atlantic’s editor, Jeffrey Goldberg, revealed Monday that he was mistakenly included in a Signal group chat earlier this month created to plan US airstrikes against the Houthi rebels in Yemen, the reaction from the Trump cabinet’s critics and even the administration itself has in some cases seemed to cast blame on Signal for the security breach. Some commentators have pointed to reports last month of Signal-targeted phishing by Russian spies. National security adviser Michael Waltz, who reportedly invited Goldberg to the Signal group chat, has even suggested that Goldberg may have hacked into it.

On Wednesday afternoon, even President Donald Trump suggested Signal was somehow responsible for the group chat fiasco. “I don't know that Signal works,” Trump told reporters at the White House. “I think Signal could be defective, to be honest with you.”

The real lesson is much simpler, says Kenn White, a security and cryptography researcher who has conducted audits on widely used encryption tools in the past as the director of the Open Crypto Audit Project: Don’t invite untrusted contacts into your Signal group chat. And if you’re a government official working with highly sensitive or classified information, use the encrypted communication tools that run on restricted, often air-gapped devices intended for a top-secret setting rather than the unauthorized devices that can run publicly available apps like Signal.

“Unequivocally, no blame in this falls on Signal,” says White. “Signal is a communication tool designed for confidential conversations. If someone's brought into a conversation who’s not meant to be part of it, that's not a technology problem. That's an operator issue.”

Cryptographer Matt Green, a professor of computer science at Johns Hopkins University, puts it more simply. “Signal is a tool. If you misuse a tool, bad things are going to happen,” says Green. “If you hit yourself in the face with a hammer, it’s not the hammer’s fault. It’s really on you to make sure you know who you’re talking to.”

The only sense in which SignalGate _is_ a Signal-related scandal, White adds, is that the use of Signal suggests that the cabinet-level officials involved in the Houthi bombing plans, including secretary of defense Pete Hegseth and director of national intelligence Tulsi Gabbard, were conducting the conversation on internet-connected devices—possibly even including personal ones—since Signal wouldn’t typically be allowed on the official, highly restricted machines intended for such conversations. “In past administrations, at least, that would be absolutely forbidden, especially for classified communications,” says White.

Indeed, using Signal on internet-connected commercial devices doesn’t just leave communications open to anyone who can somehow exploit a hackable vulnerability in Signal, but anyone who can hack the iOS, Android, Windows, or Mac devices that might be running the Signal mobile or desktop apps.

This is why US agencies in general, and the Department of Defense in particular, conduct business on specially managed federal devices that are specially provisioned to control what software is installed and which features are available. Whether the cabinet members had conducted the discussion on Signal or another consumer platform, the core issue was communicating about incredibly high-stakes, secret military operations using inappropriate devices or software.

One of the most straightforward reasons that communication apps like Signal and WhatsApp are not suitable for classified government work is that they offer “disappearing message” features—mechanisms to automatically delete messages after a preset amount of time—that are incompatible with federal record retention laws. This issue was on full display in the principals’ chat about the impending strike on Yemen, which was originally set for one-week auto-delete before the Michael Waltz account changed the timer to four-week auto-delete, according to screenshots of the chat published by The Atlantic on Wednesday. Had The Atlantic’s Goldberg not been mistakenly included in the chat, its contents might not have been preserved in accordance with long-standing government requirements.

In congressional testimony on Wednesday, US director of national intelligence Tulsi Gabbard said that Signal can come preinstalled on government devices. Multiple sources tell WIRED that this is not the norm, though, and noted specifically that downloading consumer apps like Signal to Defense Department devices is highly restricted and often banned. The fact that Hegseth, the defense secretary, participated in the chat indicates that he either obtained an extremely unusual waiver to install Signal on a department device, bypassed the standard process for seeking such a waiver, or was using a non-DOD device for the chat. According to political consultant and podcaster FP Wellman, DOD “political appointees” demanded that Signal be installed on their government devices last month.

Core to the Trump administration’s defense of the behavior is the claim that no classified material was discussed in the Signal chat. In particular, Gabbard and others have noted that Hegseth himself is the classification authority for the information. Multiple sources tell WIRED, though, that this authority does not make a consumer application the right forum for such a discussion.

“The way this was being communicated, the conversation had no formal designation like 'for official use only' or something. But whether it should have been classified or not, whatever it was, it was obviously sensitive operational information that no soldier or officer would be expected to release to the public—but they had added a member of the media into the chat,” says Andy Jabbour, a US Army veteran and founder of the domestic security risk-management firm Gate 15.

Jabbour adds that military personnel undergo annual information awareness and security training to reinforce operating procedures for handling all levels of nonpublic information. Multiple sources emphasize to WIRED that while the information in the Yemen strike chat appears to meet the standard for classification, even nonclassified material can be extremely sensitive and is typically carefully protected.

“Putting aside for a moment that classified information should never be discussed over an unclassified system, it’s also just mind-boggling to me that all of these senior folks who were on this line and nobody bothered to even check, security hygiene 101, who are all the names? Who are they?” US senator Mark Warner, a Virginia Democrat, said during Tuesday’s Senate Intelligence Committee hearing.

According to The Atlantic, 12 Trump administration officials were in the Signal group chat, including vice president JD Vance, secretary of state Marco Rubio, and Trump adviser Susie Wiles. Jabbour adds that even with ​​decisionmaking authorities present and participating in a communication, establishing an information designation or declassifying information happens through an established, proactive process. As he puts it, “If you spill milk on the floor, you can’t just say, ‘That’s actually not spilled milk, because I intended to spill it.’”

All of which is to say, SignalGate raises plenty of security, privacy, and legal issues. But the security of Signal itself is not one of them. Despite that, in the wake of The Atlantic’s story on Monday, some have sought tenuous connections between the Trump cabinet’s security breach and Signal vulnerabilities. On Tuesday, for example, a Pentagon adviser echoed a report from Google’s security researchers, who alerted Signal earlier this year to a phishing technique that Russian military intelligence used to target the app’s users in Ukraine. But Signal pushed out an update to make that tactic—which tricks users into adding a hacker as a secondary device on their account—far harder to pull off, and the same tactic also targeted some accounts on the messaging services WhatsApp and Telegram.

“Phishing attacks against people using popular applications and websites are a fact of life on the internet,” Signal spokesperson Jun Harada tells WIRED. “Once we learned that Signal users were being targeted, and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago."

In fact, says White, the cryptography researcher, if the Trump administration is going to put secret communications at risk by discussing war plans on unapproved commercial devices and freely available messaging apps, they could have done much worse than to choose Signal for those conversations, given its reputation and track record among security experts.

“Signal is the consensus recommendation for highly at-risk communities—human rights activists, attorneys, and confidential sources for journalists,” says White. Just not, as this week has made clear, executive branch officials planning airstrikes.

_Updated at 5:50 pm ET, March 25, 2025: Added remarks about Signal by President Trump._

Source

Wired