Security researchers say they have caught a Middle East surveillance company operating a new attack capable of cheating on telephone operators to reveal the position of a cell subscriber.
The attack is based on bypassing the security protection created by carriers to protect invaders from access to the SS7 or Signaling 7, a private set of protocols used by global phone agencies to launch calls and text messages worldwide.
The SS7 also allows carriers to request information on the tower cell connected to the subscriber’s phone, usually used to charge customers when they call or send a message to someone from abroad, for example.
Enea researchers, a cyberspace company providing protection for phone carriers, said this week That they have noticed the anonymous surveillance seller who exploits the new bypass attack by the end of 2024 to acquire the positions of people’s phones without their knowledge.
Enea VP of Cathalo Mc Daid technology, who co-author of the blog post, told TechCrunch that the company observed the target of “only a few subscribers” monitoring seller and that the attack did not work against all telephone players.
MC Daid said the bypass attack allows the surveillance supplier to identify a person on the nearest cell tower, who could be limited to a few hundred meters in urban or densely populated areas.
Enea informed the telephone operator noted that the holding was used, but refused to name the surveillance supplier, except to note that it was based in the Middle East.
Mc Daid told TechCrunch that the attack was part of a growing trend in malicious operators using these types of farms to acquire a person’s location, warning that the sellers behind their use “would not discover them and would use them if they were not successful”.
“We expect that more will be found and used,” Mc Daid said.
Surveillance sellers, who can include spyware manufacturers and online traffic providers, are private companies that usually work exclusively for government clients to conduct intelligence companies against individuals. Governments often claim to use spyware and other exploitative technologies against serious criminals, but tools have also been used to target members of civil society, including journalists and activists.
In the past, surveillance sellers have gained access to SS7 through a local telephone operator, abuse hired “global title”, or through a government connection.
But because of the nature of these attacks that occur at the level of the cell network, there are few that the phone subscribers can make to defend the exploitation. On the contrary, the defense against these attacks is largely based on telecommunications companies.
In recent years, telephone companies have installed protection walls and other cyberspace protections to defend SS7 attacks, but the nature of the world -funded cell network means that not all operators are not as protected as others, including the United States.
According to a letter sent to the office of Senator Ron Wyden last year, the US Ministry of Homeland said in 2017, that several countries, mainly China, Iran, Israel and Russia, used vulnerabilities on the SS7 to “exploit US subscribers”. Saudi Arabia has also been abused by defects on SS7 to carry out monitoring its citizens in the United States.
