Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say

Citizen Lab and TechCrunch describe two active surveillance campaigns that exploit weaknesses in global telecom signaling—SS7 and Diameter—and SIM-targeting SMS (SIMjacker) to covertly geolocate individuals. The report shows surveillance vendors abusing access via at least three telecom providers (019Mobile, Tango Networks UK, Airtel Jersey/Sure) to hide operations and serve government customers, indicating widespread, ongoing exploitation of mobile-network signaling vulnerabilities.