WASHINGTON — WASHINGTON (AP) —
Cybersecurity investigators noticed a highly unusual software crash — it was affecting a small number of smartphones belonging to people who worked in government, politics, tech and journalism.
The crashes, which began late last year and carried into 2025, were the tipoff to a sophisticated cyberattack that may have allowed hackers to infiltrate a phone without a single click from the user.
The attackers left no clues about their identities, but investigators at the cybersecurity firm iVerify noticed that the victims all had something in common: They worked in fields of interest to China’s government and had been targeted by Chinese hackers in the past.
Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. Groups linked to China’s military and intelligence service have targeted the smartphones of prominent Americans and burrowed deep into telecommunication networks, according to national security and tech experts.
It shows how vulnerable mobile devices and apps are and the risk that security failures could expose sensitive information or leave American interests open to cyberattack, those experts say.
“The world is in a mobile security crisis right now,” said Rocky Cole, a former cybersecurity expert at the National Security Agency and Google and now chief operations officer at iVerify. “No one is watching the phones.”
U.S. authorities warned in December of a sprawling Chinese hacking campaign designed to gain access to the texts and phone conversations of an unknown number of Americans.
“They were able to listen in on phone calls in real time and able to read text messages,” said Rep. Raja Krishnamoorthi of Illinois. He is a member of the House Intelligence Committee and the senior Democrat on the Committee on the Chinese Communist Party, created to study the geopolitical threat from China.
Chinese hackers also sought access to phones used by Donald Trump and running mate JD Vance during the 2024 campaign.
The Chinese government has denied allegations of cyberespionage, and accused the U.S. of mounting its own cyberoperations. It says America cites national security as an excuse to issue sanctions against Chinese organizations and keep Chinese technology companies from the global market.
“The U.S. has long been using all kinds of despicable methods to steal other countries’ secrets,” Lin Jian, a spokesman for China’s foreign ministry, said at a recent press conference in response to questions about a CIA push to recruit Chinese informants.
U.S. intelligence officials have said China poses a significant, persistent threat to U.S. economic and political interests, and it has harnessed the tools of digital conflict: online propaganda and disinformation, artificial intelligence and cyber surveillance and espionage designed to deliver a significant advantage in any military conflict.
Mobile networks are a top concern. The U.S. and many of its closest allies have banned Chinese telecom companies from their networks. Other countries, including Germany, are phasing out Chinese involvement because of security concerns. But Chinese tech firms remain a big part of the systems in many nations, giving state-controlled companies a global footprint they could exploit for cyberattacks, experts say.
Chinese telecom firms still maintain some routing and cloud storage systems in the U.S. — a growing concern to lawmakers.
“The American people deserve to know if Beijing is quietly using state-owned firms to infiltrate our critical infrastructure,” U.S. Rep. John Moolenaar, R-Mich. and chairman of the China committee, which in April issued subpoenas to Chinese telecom companies seeking information about their U.S. operations.
Mobile devices can buy stocks, launch drones and run power plants. Their proliferation has often outpaced their security.
The phones of top government officials are especially valuable, containing sensitive government information, passwords and an insider’s glimpse into policy discussions and decision-making.
The White House said last week that someone impersonating Susie Wiles, Trump’s chief of staff, reached out to governors, senators and business leaders with texts and phone calls.
It’s unclear how the person obtained Wiles’ connections, but they apparently gained access to the contacts in her personal cellphone, The Wall Street Journal reported. The messages and calls were not coming from Wiles’ number, the newspaper reported.
While most smartphones and tablets come with robust security, apps and connected devices often lack these protections or the regular software updates needed to stay ahead of new threats. That makes every fitness tracker, baby monitor or smart appliance another potential foothold for hackers looking to penetrate networks, retrieve information or infect systems with malware.
Federal officials launched a program this year creating a “cyber trust mark” for connected devices that meet federal security standards. But consumers and officials shouldn’t lower their guard, said Snehal Antani, former chief technology officer for the Pentagon’s Joint Special Operations Command.
“They’re finding backdoors in Barbie dolls,” said Antani, now CEO of Horizon3.ai, a cybersecurity firm, referring to concerns from researchers who successfully hacked the microphone of a digitally connected version of the toy.
It doesn’t matter how secure a mobile device is if the user doesn’t follow basic security precautions, especially if their device contains classified or sensitive information, experts say.
Mike Waltz, who departed as Trump’s national security adviser, inadvertently added The Atlantic’s editor-in-chief to a Signal chat used to discuss military plans with other top officials.
Secretary of Defense Pete Hegseth had an internet connection that bypassed the Pentagon’s security protocols set up in his office so he could use the Signal messaging app on a personal computer, the AP has reported.
Hegseth has rejected assertions that he shared classified information on Signal, a popular encrypted messaging app not approved for the use of communicating classified information.
China and other nations will try to take advantage of such lapses, and national security officials must take steps to prevent them from recurring, said Michael Williams, a national security expert at Syracuse University.
“They all have access to a variety of secure communications platforms,” Williams said. “We just can’t share things willy-nilly.”
