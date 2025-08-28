Is China really behind the massive Salt Typhoon hack? The answer from the U.S. government is yes. A new joint report from the U.S. and its allies has revealed details of one of the boldest cyber operations carried out by China in recent years. According to investigators, three private Chinese companies helped Beijing’s Ministry of State Security (MSS) run a hacking campaign called Salt Typhoon, which broke into telecom networks worldwide.

The operation gave hackers the ability to snoop on text messages and phone calls. It even targeted communications linked to U.S. political figures, including Kamala Harris’ and Donald Trump’s campaigns.

How the Hack Worked

Salt Typhoon focused heavily on telecommunication companies, including major U.S. providers AT&T and Verizon. By breaking into their systems last year, the hackers potentially gained access to the data of millions of people. This included not just messages and calls but also the ability to track user locations.

A 37-page technical report was released on Wednesday, signed by the FBI, NSA, and CISA, along with 12 allied governments such as the U.K., Germany, Canada, Japan, and Australia. The report confirmed that the campaign has been active since 2021, targeting not just telecom but also government, transportation, lodging, and military networks around the world.

An FBI spokesperson said Salt Typhoon has hacked into more than 200 companies across 80 countries so far.

Military Networks Also Hit

Earlier this year, NBC News reported that the U.S. Defense Department discovered Salt Typhoon had infiltrated at least one state’s National Guard network. The hackers remained inside for nearly a year before being detected.

This shows the scale and patience of the operation, raising concerns about national security and the safety of sensitive infrastructure.

The Companies Behind It

The report named three Chinese firms:

Beijing Huanyu Tianqiong Information Technology

Sichuan Zhixin Ruijie Network Technology

Sichuan Juxinhe Network Technology

In January, the U.S. Treasury sanctioned Sichuan Juxinhe, but this is the first time Western governments have directly accused the other two of global hacking operations.

Interestingly, cybersecurity experts believe these were real functioning companies, not just cover operations for Chinese intelligence. Dakota Cary, an analyst at SentinelOne, noted that this shows the MSS is effectively outsourcing cyberattacks to private firms.

He added, “It is inconceivable that the U.S. would ever ask a private company to hack into Xi Jinping’s phone,” highlighting the unusual nature of China’s approach.

Why It Matters

Salt Typhoon’s success in hacking telecom providers like AT&T and Verizon gave China access to the phone data of more than a million people in Washington, D.C. alone. This allowed Chinese intelligence services to monitor calls, read texts, and track the locations of individuals in real time.

The report warned that such stolen data could help Chinese agencies follow their targets across borders, making it a powerful surveillance tool.

Both AT&T and Verizon have since confirmed they removed the hackers from their systems. However, experts warn that they remain vulnerable to future break-ins.

China’s Response

The Chinese government has denied any involvement in the hacking operation. It has also accused the U.S. and its allies of carrying out similar cyber activities. The three companies named in the report could not be reached for comment.

A Wake-Up Call

The Salt Typhoon case shows how modern cyberwarfare is evolving. Instead of relying only on state-run hackers, China (allegedly) appears to be using private companies to conduct operations on its behalf. This outsourcing makes detection harder and raises the stakes for governments and corporations worldwide.

For now, Salt Typhoon remains one of the largest and boldest hacking campaigns uncovered, and experts believe it will not be the last.