New, by me: A Middle East surveillance vendor has been caught exploiting a new attack in SS7, a set of protocols used by phone carriers, that can trick a phone operator into disclosing a person's phone location without their knowledge.

https://techcrunch.com/2025/07/18/a-surveillance-vendor-was-caught-exploiting-a-new-ss7-attack-to-track-peoples-phone-locations/

A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch

The new SS7 bypass attack tricks phone operators into disclosing a cell subscriber's location, in some cases down to a few hundred meters.

@zackwhittaker Hi. Is there anything one can do to mitigate this? Kind regards.
@nemo hello, I make a note of this in the story!
@zackwhittaker Thank you ✅ 💡 👍
@zackwhittaker it's the protocol that keeps on giving (if you're an attacker anyway). Oof.
@darkuncle @zackwhittaker the limp dick Saudi animal that put the hit out on Jamal Khashoggi is already using this, most likely.
@darkuncle @zackwhittaker I'm sure he's doing great business with billionaires being so readily bribed in this current government
@darkuncle @zackwhittaker I'm recalling troubleshooting slow STP links 20 or so years back, being promised that everything would be Diameter soooooon... Article does paint a picture of the cui bono situation, doesn't it? Sigh.
@zackwhittaker So, my understanding is this: the carriers did not do anything to mitigate this since 2017 because their governments all use this also to track individuals.
I don't think that the excuse with patchwork carriers works. If this was serious, they'd have it fixed already. Globally.
Always ask: cui bono?

@zackwhittaker

How is this 'new'?

Btw, I tried to read the article on mobile, which failed, so I have to assume it works.

#SS7

@zackwhittaker ASN.1 - Every Damn Time.
@zackwhittaker Sounds like they used ATI (Any Time Inquiry) to me. Most carriers lock that down so it can only be used by their own GTs.
SS7: Locate. Track. Manipulate.

media.ccc.de
@zackwhittaker they don't fix the ss7 baseband attacks for well reasons
@zackwhittaker What's particularly interesting is that customers shouldn't ever have access to any SS7 data stream.