It started with something small, unusual phone crashes reported by a handful of people in politics, government, journalism, and tech. But cybersecurity experts soon realized these glitches were more than just a software bug. They were the first signs of a no-click cyberattack: a stealthy method that allows hackers to access phones without the user ever tapping a link.

The firm iVerify, which investigated the issue, discovered a disturbing pattern. All the victims had previously been targets of Chinese hackers and worked in sectors of strategic interest to the Chinese government.

China in the Spotlight, Again

Late in 2024, U.S. authorities began warning about an expansive Chinese hacking campaign. The attackers weren’t just stealing emails, they were allegedly eavesdropping on real-time phone calls and reading text messages.

Congressman Raja Krishnamoorthi, a member of the House Intelligence Committee, confirmed that Chinese hackers also tried to gain access to phones used by Donald Trump and JD Vance during the 2024 campaign.

China has strongly denied these claims, accusing the U.S. of its own cyberespionage efforts. Chinese officials argue that America uses "national security" as a cover to limit Chinese tech companies from competing globally.

Smartphones: The New Battleground

Cybersecurity experts agree that mobile devices are now the soft underbelly of national security. Unlike desktop systems, mobile apps and connected devices often lack proper updates and defenses, creating backdoors for hackers.

Rocky Cole from iVerify calls it a “mobile security crisis,” warning that no one is watching phones closely enough, despite how central they’ve become to our lives and infrastructure.

Phones are no longer just communication tools. They control drones, run smart homes, and even launch stock trades. As their capabilities expand, so do the risks.

Foreign Tech, Domestic Risk

The U.S. and many allies have banned or limited Chinese telecom companies in critical infrastructure due to national security fears. However, some of these firms still operate in parts of the U.S., such as maintaining routing and cloud services, a growing concern for lawmakers.

Rep. John Moolenaar, chairman of the China committee, emphasized the need for transparency, warning that Chinese state-owned firms may be quietly infiltrating U.S. infrastructure.

Real-Life Breaches Show the Dangers

One recent incident involved someone impersonating Susie Wiles, Trump’s chief of staff, and reaching out to powerful leaders using her contacts. Though the calls weren’t from her number, the impersonator appeared to have accessed her phone contacts, raising red flags.

Apps, smart devices, and even toys can be hacked. As Snehal Antani from Horizon3.ai put it, “They’re finding backdoors in Barbie dolls.”

User Behavior Still Matters Most

Even with top-tier device security, human error remains the biggest vulnerability. In one case, a former Trump adviser accidentally added a journalist to a secure Signal chat. In another, a top defense official bypassed Pentagon protocols to use Signal on a personal computer.

Experts warn that as long as careless mistakes continue, foreign adversaries will keep looking for ways in. As Michael Williams from Syracuse University said, “We just can’t share things willy-nilly.”