A new report from the China Cybersecurity Industry Alliance (CCIA) alleges that U.S. intelligence agencies have been conducting widespread cyber espionage on mobile devices worldwide.
The 11-chapter document released on Monday claims that U.S. agencies have exploited vulnerabilities across smartphones, communication networks, and tech supply chains. By targeting hardware components like SIM cards and firmware, as well as software systems like iOS and Android, the report suggests that sophisticated methods were used to infiltrate devices globally.
Infiltrating Devices Without a Trace
One of the most alarming allegations involves Apple’s iMessage service. According to the CCIA, U.S. operatives weaponized the platform to deliver “zero-click” exploits—malware that installs without any user interaction. This means that simply receiving a message could compromise a device, allowing unauthorized access to contacts, locations, and device identifiers.
Citing research from cybersecurity firm Kaspersky, the report asserts that both high-profile individuals and ordinary citizens have been affected. The use of commercial spyware like Pegasus, previously linked to surveillance incidents in countries like France and Pakistan, is also highlighted.
From Smartphones to Data Centers
The alleged espionage isn’t limited to mobile phones. The CCIA claims that a U.S.-led initiative called “Operation Irritant Horn,” supported by the Five Eyes alliance’s NTAT surveillance unit, targeted Chinese apps to extract user data. For instance, a popular Chinese mobile browser reportedly transmitted phone numbers, SIM details, and device IDs to servers—a vulnerability that U.S. agencies allegedly exploited for “secondary data collection.”
Calls for Global Action
At a press briefing on Monday, Chinese Foreign Ministry Spokesperson Guo Jiakun condemned the alleged activities. “The U.S. government has abused its dominance in information technology and supply chains to conduct malicious cyber operations against the global mobile industry,” Guo stated.
He emphasized that these actions pose severe risks to cybersecurity and national sovereignty worldwide. Guo urged the international community to address what he termed “unilateral cyber hegemony” and to strengthen multilateral cooperation on data security.
The CCIA report concludes by calling for enhanced scrutiny of U.S.-linked tech infrastructure and urges mobile users to adopt “heightened defensive measures.”
