Surveillance vendors caught abusing access to telcos to track people's locations
5 hours ago
- #telecom security
- #spying campaigns
- #surveillance
- Security researchers identified two spying campaigns exploiting weaknesses in global telecom infrastructure to track individuals' locations.
- The campaigns abused vulnerabilities in older SS7 protocols and newer Diameter protocols, despite Diameter's intended security improvements.
- Three telecom providers—019Mobile, Tango Networks U.K., and Airtel Jersey—served as entry points for the surveillance activities.
- One campaign used SS7 and Diameter flaws to geolocate targets, while another employed SIMjacker attacks via SMS to turn phones into tracking devices.
- Researchers suggest these campaigns are part of widespread exploitation by surveillance vendors, with evidence pointing to well-funded, integrated operations.