Listen to the article. Audio text automatically generated by an automated system.

0:00

Two minutes to read

A new report reveals that Iran exploited known vulnerabilities in the global telecommunications infrastructure to locate US military personnel in the Middle East, both before the outbreak of war with the United States and during the early days of the conflict.

According to a report published by the Financial Times, based on research from Mobile Surveillance Monitor and government officials familiar with espionage operations, Tehran exploited the Signaling System 7 (SS7) protocol, a set of protocols used in 2G and 3G networks to connect telecom networks worldwide and route calls and text messages between operators.

An old vulnerability used in tracking operations

SS7 is one of the most criticized telecom protocols due to its security flaws, as intelligence agencies worldwide have used it for years to track mobile phones across borders, exploiting its ability to locate subscribers within networks.

According to the report, Iran used this technique to locate US forces stationed at military bases, as well as soldiers staying in hotels in Iraq, Bahrain, and other Middle Eastern countries, which helped it, the report says, to direct attacks that resulted in injuries to a number of US service members.

Digital advertising technologies among tracking tools

The exploitation was not limited to SS7 vulnerabilities; the report indicated that Iran also used digital advertising technologies (AdTech), typically employed to display targeted ads on smartphones, as an additional means to collect location data and track users.

This method relies on data collected by phone apps and ad networks, and is one of the digital surveillance techniques that cybersecurity experts have warned about in recent years.

Renewed concerns over telecom network security

The report highlights the security risks associated with outdated telecom infrastructure, particularly the SS7 protocol, which remains in use in large parts of the world despite its vulnerabilities being known for years.

Although the report is based on research sources and informed officials, it has not yet included official comment from Iranian or US authorities on the allegations.

Advertisement

Advertisement

Read also

Singapore loophole.. Chinese companies on blacklist obtain 'OpenAI' and 'Google' technologies use fake accounts to bypass protection measures. Technical angles.

One WhatsApp message turns 'OpenClaw' into a vulnerability to hack devices remotely. The vulnerability shows the weakness of the structure of the way AI agents handle inputs... Cybersecurity.

Samsung launches update fixing 57 security vulnerabilities in its phones, including 5 critical vulnerabilities. Apps and programs.