iVerify and The White House: Chinese hackers, user lapses turn smartphones into 'mobile security crisis'

Sophisticated Chinese-Linked Cyberattack Targets US Officials, Journalists, and Tech Figures via Mobile Devices

Cybersecurity investigators uncovered a highly sophisticated cyberattack targeting the smartphones of US government officials, political figures, tech professionals, and journalists—many with ties to China’s strategic interests. The campaign, which began in late 2024 and extended into 2025, exploited vulnerabilities to infiltrate devices without requiring user interaction, leaving no clear traces of the attackers’ identities.

Researchers at cybersecurity firm iVerify identified the victims as individuals previously targeted by Chinese state-linked hackers, suggesting a deliberate focus on high-value intelligence. The attack underscores the growing threat to mobile security, with experts warning that smartphones—often overlooked in cyber defenses—have become prime targets for espionage. "The world is in a mobile security crisis right now," said Rocky Cole, former NSA and Google cybersecurity expert and COO of iVerify. "No one is watching the phones."

The incident aligns with broader US intelligence assessments of China’s cyber capabilities. In December 2024, US authorities revealed a large-scale Chinese hacking operation that accessed text messages and real-time phone calls of an unknown number of Americans. Rep. Raja Krishnamoorthi (D-Ill.), a member of the House Intelligence Committee, confirmed hackers had attempted to breach devices used by Donald Trump and JD Vance during the 2024 presidential campaign. China has denied the allegations, accusing the US of hypocrisy and citing its own claims of American cyberespionage.

Mobile devices, particularly those used by senior officials, present a lucrative intelligence opportunity, containing sensitive communications, passwords, and policy discussions. However, their security often lags behind their ubiquity. While smartphones themselves may have robust protections, third-party apps, connected devices, and outdated software create vulnerabilities. Fitness trackers, smart appliances, and even internet-connected toys (such as a hacked Barbie doll with a microphone) have been exploited as entry points for malware and network infiltration.

The US has taken steps to mitigate risks, including banning Chinese telecom firms from domestic networks and launching a "cyber trust mark" program for secure IoT devices. Yet concerns persist, particularly around Chinese state-owned companies that maintain routing and cloud infrastructure in the US. Rep. John Moolenaar (R-Mich.), chair of the House China Committee, issued subpoenas in April 2025 to investigate whether these firms pose a backdoor threat to critical infrastructure.

User behavior also remains a critical weak point. High-profile security lapses have highlighted the dangers of unsecured communications, even among top officials. Former Trump national security adviser Mike Waltz accidentally added a journalist to a Signal chat discussing military plans, while Defense Secretary Pete Hegseth reportedly bypassed Pentagon security protocols to use Signal on a personal device—despite the app’s lack of approval for classified communications. Experts stress that such oversights provide adversaries like China with exploitable openings.

As mobile devices grow more integrated into national security and daily operations, the attack serves as a stark reminder of their dual role as tools and targets—and the urgent need for stronger safeguards in an era of escalating digital conflict.

Source: https://economictimes.indiatimes.com/news/international/world-news/chinese-hackers-user-lapses-turn-smartphones-into-mobile-security-crisis/articleshow/121707494.cms

iVerify cybersecurity rating report: https://www.rankiteo.com/company/iverify

White Oak Search Group cybersecurity rating report: https://www.rankiteo.com/company/white-oak-search-group

"id": "IVEWHI1767166021",
"linkid": "iverify, white-oak-search-group",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Government',
                        'location': 'United States',
                        'name': 'Government officials',
                        'type': 'Individuals'},
                       {'industry': 'Politics',
                        'location': 'United States',
                        'name': 'Political figures',
                        'type': 'Individuals'},
                       {'industry': 'Technology',
                        'location': 'United States',
                        'name': 'Tech professionals',
                        'type': 'Individuals'},
                       {'industry': 'Media',
                        'location': 'United States',
                        'name': 'Journalists',
                        'type': 'Individuals'},
                       {'industry': 'Politics',
                        'location': 'United States',
                        'name': 'Donald Trump and JD Vance',
                        'type': 'Individuals'}],
 'attack_vector': 'Zero-click exploit',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Text messages',
                                              'Phone calls',
                                              'Sensitive government '
                                              'information',
                                              'Passwords',
                                              'Policy discussions']},
 'date_detected': '2024-12-01',
 'date_publicly_disclosed': '2025',
 'description': 'Cybersecurity investigators discovered a highly unusual '
                'software crash affecting smartphones of individuals in '
                'government, politics, tech, and journalism. The crashes, '
                'occurring from late 2024 into 2025, were part of a '
                'sophisticated cyberattack allowing hackers to infiltrate '
                'phones without user interaction. Victims had ties to fields '
                "of interest to China's government and had been previously "
                'targeted by Chinese hackers.',
 'impact': {'data_compromised': 'Text messages, phone calls, sensitive '
                                'government information, passwords, policy '
                                'discussions',
            'identity_theft_risk': 'High',
            'operational_impact': 'Potential exposure of classified or '
                                  'sensitive information',
            'systems_affected': 'Smartphones (unspecified models)'},
 'initial_access_broker': {'entry_point': 'Mobile devices and apps',
                           'high_value_targets': 'Government officials, '
                                                 'political figures, tech '
                                                 'professionals, journalists'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Mobile devices and apps are a weak link in cyber '
                    'defenses, requiring enhanced security measures and user '
                    'precautions. Basic security lapses can expose sensitive '
                    'information to state-sponsored hackers.',
 'motivation': 'Espionage, access to sensitive information, and geopolitical '
               'advantage',
 'post_incident_analysis': {'corrective_actions': ['Enhanced monitoring of '
                                                   'mobile networks',
                                                   'Stricter security '
                                                   'protocols for sensitive '
                                                   'information',
                                                   'Phasing out Chinese '
                                                   'telecom firms from '
                                                   'critical infrastructure'],
                            'root_causes': ['Mobile device and app security '
                                            'weaknesses',
                                            'Lack of user precautions',
                                            'Involvement of state-controlled '
                                            'telecom firms in critical '
                                            'infrastructure']},
 'recommendations': ['Implement stricter security protocols for mobile devices '
                     'handling sensitive information',
                     'Enhance monitoring of mobile networks and connected '
                     'devices',
                     'Educate users on basic security precautions',
                     'Phase out involvement of state-controlled telecom firms '
                     'in critical infrastructure',
                     'Adopt federal security standards for connected devices '
                     "(e.g., 'cyber trust mark')"],
 'references': [{'source': 'The Economic Times'},
                {'source': 'The Wall Street Journal'},
                {'source': 'AP News'}],
 'response': {'third_party_assistance': 'iVerify (cybersecurity firm)'},
 'stakeholder_advisories': 'US authorities have warned about Chinese hacking '
                           'campaigns targeting mobile devices. National '
                           'security officials are urged to use approved '
                           'secure communications platforms.',
 'threat_actor': 'Chinese state-sponsored hackers',
 'title': 'Sophisticated Cyberattack Targeting Smartphones of Government, '
          'Political, Tech, and Journalism Professionals',
 'type': 'Cyber Espionage',
 'vulnerability_exploited': 'Mobile device and app security weaknesses'}