Techly NewsGet the app

Get the latest tech news

A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations


The new SS7 bypass-attack tricks phone operators into disclosing a cell subscriber's location, in some cases down to a few hundred meters.

Enea VP of Technology Cathal Mc Daid, who co-authored the blog post, told TechCrunch that the company observed the surveillance vendor target “just a few subscribers” and that the attack did not work against all phone carriers. Mc Daid told TechCrunch that the attack was part of an increasing trend in malicious operators using these kinds of exploits to obtain a person’s location, warning that the vendors behind their use “would not be discovering and using them if they were not successful somewhere.” According to a letter sent to Sen. Ron Wyden’s office last year, the U.S. Department of Homeland Security said as far back as 2017 that several countries, notably China, Iran, Israel, and Russia, have used vulnerabilities in SS7 to “exploit U.S. subscribers.” Saudi Arabia has also been found abusing flaws in SS7 to conduct surveillance of its citizens in the United States.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of people

people

Photo of phone locations

phone locations

Photo of surveillance vendor

surveillance vendor

Related news:

News photo

As companies race to add AI, terms of service changes are going to freak a lot of people out

News photo

People kept working, became healthier while on basic income: report (2020)

News photo

Babies made using three people's DNA are born free of mitochondrial disease

« Coldplay kiss-cam flap proves we’re already our own surveillance state
CaaStle founder charged with fraud, turns herself in »