A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations

A surveillance vendor has been caught exploiting a novel SS7 attack to track people's phone locations. The attack allows the vendor to bypass security measures and trick phone operators into disclosing a cell subscriber's location, sometimes with an accuracy of a few hundred meters. SS7, a core signaling protocol used in mobile networks, has long been known to have vulnerabilities that can be exploited for surveillance purposes. The latest attack demonstrates the ongoing security challenges faced by mobile networks as they continue to be targeted by sophisticated surveillance tools. The discovery highlights the need for stronger security measures and greater oversight in the mobile communications industry to protect users' privacy and prevent the misuse of sensitive location data. Regulatory authorities and telecom providers will likely need to address this vulnerability to ensure the integrity of mobile networks and safeguard user privacy.