Feds investigate China's Salt Typhoon amid campaign phone hacks

'They're taunting us,' investigator says and it looks like it's working


The feds are investigating Chinese government-linked cyberspies breaking into the infrastructure of US telecom companies, as reports suggest Salt Typhoon - the same crew believed to be behind those hacks - has also been targeting phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican candidate Donald Trump and his running mate, JD Vance.

On Friday, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said they "immediately notified affected companies, rendered technical assistance, and rapidly shared information to assist other potential victims."

The US government agencies' alert doesn't name those affected companies, but according to earlier news stories, they include Verizon, AT&T, and Lumen Technologies.

All three have thus far declined to comment to The Register about the investigation as well as the alleged breaches during which Salt Typhoon reportedly hacked the broadband providers' wiretapping systems.

US lawmakers have since demanded that the three firms answer questions about when they discovered the Chinese spies on their networks, and what they are doing to better secure their systems.

"The investigation is ongoing, and we encourage any organization that believes it might be a victim to engage its local FBI field office or CISA," the Friday security advisory continued. "Agencies across the US Government are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses across the commercial communications sector."

The government agencies' investigation comes as US news outlets report that the People's Republic of China-affiliated group has also been snooping around on phones belonging to both American presidential candidates and other politicians.

According to The New York Times, Republican nominee and former US president Donald Trump, along with his VP choice JD Vance, were both made aware that Salt Typhoon had targeted their phones after infiltrating Verizon's systems.

Plus, people affiliated with Vice President Kamala Harris, who is running on the Democratic presidential ticket, have also been targeted by the same group of hackers, according to the Wall Street Journal. 

The Times reported several prominent Democrats in Congress, including staff for Senate Majority Leader Chuck Schumer (D-New York), were also among those whose devices may have been compromised. 

It's unclear what, if anything, the cyber snoops stole during the espionage operations.

At this point in the investigation, it's believed that Salt Typhoon targeted or compromised at least several dozen companies and people.

"They're taunting us," one person involved in the response told the WSJ, adding that this hacking operation marked a "new frontier" in the Chinese government's cyber activities against the US.

Plus, it follows a serious uptick in cyberattacks that both government and private investigators have tied to the People's Republic of China.

Last month, FBI Director Christopher Wray said that US law enforcement disrupted a 260,000-device botnet controlled by China's Flax Typhoon. 

On at least two occasions over the past year, first in February and most recently in August, a different cyberspy gang, Volt Typhoon, was spotted snooping on American networks and across critical infrastructure while readying "disruptive or destructive cyberattacks."

For its part, China has repeatedly denied these accusations and claimed that Volt Typhoon is an invention of the US and its allies. ®
