FBI Investigating Possible China Hack Of Presidential Campaign Officials’ iPhones

Published 1 month ago
Thomas Brewster

The FBI has been notified of evidence of hacking on the iPhones of two senior officials at one of the presidential campaigns. Sources say the agency is pursuing a lead related to a Chinese hacking group.

The FBI is investigating whether China used its access to American telecoms networks to infect the iPhones of senior staff of a U.S. presidential campaign, according to a cybersecurity expert involved in protecting the officials’ devices.

Rocky Cole, the founder of mobile security startup iVerify, told Forbes his company’s software flagged anomalous behavior on two iPhones that belonged to senior officials for one of the presidential campaigns. He declined to specify which one.


Cole, a former NSA analyst and Google employee, said iVerify detected that settings on staff iPhones were changed “in patterns that are not observed on healthy devices.” Previously, mobile malware developed by government hacking groups has changed settings in the same manner, he said. “That does not mean the devices were definitively compromised, but this information combined with who owned the devices and the timelines of the events were enough to merit a robust investigation, which is ongoing,” Cole told Forbes.


The FBI confirmed to Cole that one of the impacted iPhones belonged to a target of a Chinese cyber espionage group referred to as Salt Typhoon, he said. According to reports in the Wall Street Journal, a number of telecoms giants including AT&T and Verizon had their networks breached by Salt Typhoon, a unit believed to work on behalf of China’s state security service. The paper cited various sources with knowledge of the matter, who claimed the attackers targeted the communications of President Trump, his running mate JD Vance and individuals working on the Kamala Harris presidential campaign. Neither the Harris nor Trump campaigns responded to requests for comment.

“The timeline of the anomalous behavior aligned with Salt Typhoon’s behavior within the Verizon network,” said Cole. “We have to assume China would do more with their position on the Verizon infrastructure than simply listen to phone calls. It’s an attractive position for deeper exploitation of adjacent networks and devices. For that reason, there is an ongoing investigation to determine whether those devices were actually breached.” His company was tasked with protecting officials’ iPhones through its work with the Defending Digital Campaigns nonpartisan nonprofit, which provides candidates and staff with access to free cybersecurity tools.


If the FBI finds a candidate or one of their staff had their iPhones hacked, it would be a significant breach. Infecting a smartphone allows for wider access to information on a target compared to what would be compromised via telecoms networks. Such malware would potentially have access to the phone’s microphone, calls and texts, encrypted communications, such as messages sent over WhatsApp and Signal, and to more private information stored on health and dating apps, as well as detailed location information.

Apple declined to comment. Neither the FBI nor Verizon responded to requests for comment.

Liu Pengyu, a spokesperson for the Chinese Embassy in Washington D.C., denied that China was behind any attacks on the U.S. and said it had “no intention and will not interfere in the U.S. election,” adding, “In recent years, the U.S. has compiled and spread all kinds of disinformation about the so-called Chinese hacking threats. Such allegations are full of malicious speculations against China, which China firmly opposes.”

American officials and cyber experts believe China is a major cyber threat facing the U.S. Chris Krebs, former chief of the DHS Cybersecurity and Infrastructure Security Agency (CISA), said China should be a top priority for the incoming Trump administration. In November 2020, Trump fired Krebs on Twitter after the ex-CISA head declared that year’s election legitimate and safe from outside influence.


“Given China’s increasingly aggressive behavior in multiple domains, the Trump administration will need to hit the ground running on countering the recent uptick in cyber activity,” said Krebs. “They’ll also need to continue evaluating offensive cyber options… The stakes are crystal clear: China is preparing for war, are we?”
