Researchers at the Citizen Lab discovered two surveillance vendors misusing their access to cellular networks to track the locations of multiple individuals across different countries. The abuse involved exploiting the signaling system that connects mobile carriers, a method previously seen in state-sponsored espionage operations like the 2018 SS7 attacks.
The vendors, whose identities were not disclosed, allegedly targeted victims in Europe, the Middle East, and Asia. Their access allowed them to intercept location data without the carriers' knowledge. Citizen Lab reported the findings to affected telecom companies and law enforcement agencies in early April 2026.
This is not the first time surveillance firms have exploited telecom infrastructure. In 2021, similar abuses were linked to FloaMarket, a now-defunct vendor that sold location data from major carriers. The new cases, however, involve direct access to network backbones, raising concerns about oversight in the industry.
Telecom regulators in the EU and the U.S. have begun reviewing their security protocols following the disclosure. A spokesperson for the European Telecommunications Standards Institute said the findings highlight weaknesses in existing anti-fraud measures.
The Citizen Lab called for stricter audits of third-party vendors with access to telecom networks. It also urged carriers to implement real-time monitoring for unauthorized queries.
Source: techcrunch.com