A limited number of devices owned by individuals involved in politics, tech, government, and journalism were affected by an extremely rare software breakdown, which cybersecurity specialists detected.
A complex cyberattack may have begun with the crashes that started at the end of 2018 and continued into 2025, giving hackers the opportunity to potentially breach a phone without the user’s knowledge or consent.
Although the perpetrators’ identity remained a mystery, iVerify, a cybersecurity company, discovered a common thread among the victims: they were all employed in industries of importance to the Chinese government and had previously been the targets of cyberattacks perpetrated by Chinese hackers.
Smartphones, along with other mobile devices and the applications they run, have been more and more singled out by foreign hackers as a vulnerability in the cybersecurity of the United States. Security and IT professionals have discovered that groups associated with China’s military and intelligence services have penetrated communications networks and gone for the cellphones of well-known Americans.
According to those experts, it demonstrates how susceptible mobile devices and applications are to security breaches, which might lead to the exposure of sensitive information or the exposure of American interests to cyberattacks.
“The world is in a mobile security crisis right now,” stated Rocky Cole, who is currently chief operating officer of iVerify and formerly a cybersecurity expert at the National Security Agency and Google. “The phones are being ignored.”
The US accuses China of being a threat, and Beijing responds by making charges of its own.
In December, U.S. officials issued a warning about a massive Chinese cyber effort that aimed to access the communications of an undetermined number of Americans.
“They were able to listen in on phone calls in real time and able to read text messages,” stated Illinois Representative Raja Krishnamoorthi. In addition to his work on the House Intelligence Committee, he heads the bipartisan Committee on the Chinese Communist Party, which investigates China’s role in international politics.
During the 2024 campaign, Chinese hackers also tried to get into the phones of Donald Trump and his running mate, JD Vance.
Claiming that the United States is engaging in cyberoperations of its own, the Chinese leadership has rejected charges of cyberespionage. According to the report, the United States uses national security concerns as a pretext to blacklist Chinese groups and block Chinese tech businesses from international trade.
During a recent news briefing, Lin Jian, a representative from China’s foreign ministry, stated, “The U.S. has long been using all kinds of despicable methods to steal other countries’ secrets.” This was in reference to inquiries over a possible CIA effort to recruit Chinese informants.
According to U.S. intelligence officials, China is a long-term danger to American economic and political interests, and it uses digital warfare tactics like cyber surveillance, espionage, and online propaganda to gain an advantage in future conflicts.
The most important thing is mobile networks. The United States and a number of its closest allies have cut ties with Chinese telecom providers. Germany is among the nations that are gradually cutting ties with China due to security concerns. Experts warn that state-controlled Chinese tech enterprises have a worldwide footprint that might be used for cyberattacks since Chinese tech firms are still heavily integrated into many nations’ networks.
Concern among lawmakers is increasing over the fact that Chinese telecom corporations continue to use some U.S.-based routing and cloud storage technologies.
The chairman of the China committee, U.S. Rep. John Moolenaar (R-Michigan), has stated that “the American people deserve to know if Beijing is quietly using state-owned firms to infiltrate our critical infrastructure.” Moolenaar is responsible for issuing subpoenas to Chinese telecom companies in April who were seeking information about their U.S. operations.
A veritable treasury of intelligence is now housed in mobile devices.
Smartphones have the capability to purchase stocks, control drones, and even power plants. Their security has frequently lagged behind their proliferation.
Because they include passwords, secret government information, and a window into policy meetings and decision-making, the phones of high-ranking government officials are extremely valuable.
Last week, the White House said that an imposter had contacted senators, governors, and business executives by text message and phone call while pretending to be Trump’s chief of staff, Susie Wiles.
The Wall Street Journal stated that someone allegedly acquired access to Wiles’ personal cellphone contacts, although how exactly they obtained her connections is unknown. According to the publication, Wiles’ number was not the source of the texts and calls.
While the majority of mobile devices have strong security built in, many apps and linked devices do not. Additionally, these devices may not always receive the necessary software upgrades to keep up with emerging threats. That means hackers may use any smart device—a fitness tracker, a baby monitor, or any other device—as a springboard to steal data, instal malware, or breach networks.
This year, federal authorities began an initiative to create a “cyber trust mark” to identify internet-connected gadgets that are secure enough to fulfill government requirements. Snehal Antani, a former top technologist for the Joint Special Operations Command at the Pentagon, warned that authorities and consumers should be vigilant.
After leaving her position as CEO of cybersecurity startup Horizon3.ai, Antani made the comment, “They’re finding backdoors in Barbie dolls,” in reference to the worries voiced by researchers who managed to breach the microphone of a digitally linked Barbie.
Smartphone users should take steps to avoid potential risks.
According to experts, fundamental security measures are more important than the device’s security features when it comes to protecting secret or sensitive information.
After leaving his position as national security advisor to Trump, Mike Waltz accidentally added the editor-in-chief of The Atlantic to a Signal discussion where other senior officials discussed military options.
A personal computer in Defense Secretary Pete Hegseth’s office was configured with an internet connection that circumvented the Pentagon’s security standards, allowing him to access the Signal messaging software, according to the AP.
Claims that Hegseth communicated secret material on the widely used encrypted messaging software Signal—an app that has been explicitly forbidden from transmitting sensitive data—are unfounded.
Michael Williams, a national security specialist at Syracuse University, warned that other countries, including China, may attempt to exploit similar gaps, and that national security officials should act to ensure that they do not occur again.
Their access to many encrypted communication systems is unlimited, according to Williams. “Honestly, we can’t just share things without thinking.”
