Sophisticated Cyberattack Targeting Smartphones of Government, Political, Tech, and Journalism Professionals

**Sophisticated Chinese-Linked Cyberattack Targets US Officials, Journalists, and Tech Figures via Mobile Devices** Cybersecurity investigators uncovered a highly sophisticated cyberattack targeting the smartphones of US government officials, political figures, tech professionals, and journalists—many with ties to China’s strategic interests. The campaign, which began in late 2024 and extended into 2025, exploited vulnerabilities to infiltrate devices *without requiring user interaction*, leaving no clear traces of the attackers’ identities. Researchers at cybersecurity firm **iVerify** identified the victims as individuals previously targeted by Chinese state-linked hackers, suggesting a deliberate focus on high-value intelligence. The attack underscores the growing threat to mobile security, with experts warning that smartphones—often overlooked in cyber defenses—have become prime targets for espionage. **"The world is in a mobile security crisis right now,"** said **Rocky Cole**, former NSA and Google cybersecurity expert and COO of iVerify. **"No one is watching the phones."** The incident aligns with broader US intelligence assessments of China’s cyber capabilities. In December 2024, US authorities revealed a **large-scale Chinese hacking operation** that accessed text messages and real-time phone calls of an unknown number of Americans. **Rep. Raja Krishnamoorthi (D-Ill.)**, a member of the House Intelligence Committee, confirmed hackers had attempted to breach devices used by **Donald Trump and JD Vance** during the 2024 presidential campaign. China has denied the allegations, accusing the US of hypocrisy and citing its own claims of American cyberespionage. Mobile devices, particularly those used by senior officials, present a **lucrative intelligence opportunity**, containing sensitive communications, passwords, and policy discussions. However, their security often lags behind their ubiquity. While smartphones themselves may have robust protections, **third-party apps, connected devices, and outdated software** create vulnerabilities. Fitness trackers, smart appliances, and even **internet-connected toys** (such as a hacked Barbie doll with a microphone) have been exploited as entry points for malware and network infiltration. The US has taken steps to mitigate risks, including banning Chinese telecom firms from domestic networks and launching a **"cyber trust mark"** program for secure IoT devices. Yet concerns persist, particularly around **Chinese state-owned companies** that maintain routing and cloud infrastructure in the US. **Rep. John Moolenaar (R-Mich.)**, chair of the House China Committee, issued subpoenas in April 2025 to investigate whether these firms pose a backdoor threat to critical infrastructure. User behavior also remains a critical weak point. High-profile security lapses have highlighted the dangers of **unsecured communications**, even among top officials. Former Trump national security adviser **Mike Waltz** accidentally added a journalist to a **Signal chat** discussing military plans, while **Defense Secretary Pete Hegseth** reportedly bypassed Pentagon security protocols to use Signal on a personal device—despite the app’s lack of approval for classified communications. Experts stress that such oversights provide adversaries like China with exploitable openings. As mobile devices grow more integrated into national security and daily operations, the attack serves as a stark reminder of their **dual role as tools and targets**—and the urgent need for stronger safeguards in an era of escalating digital conflict.