Citizen Lab researchers have identified two separate espionage operations exploiting known vulnerabilities in SS7 and Diameter protocols to track individuals across 2G, 3G, 4G, and 5G networks.
Security researchers at Citizen Lab have documented two distinct spying campaigns that leverage weaknesses in fundamental telecommunications infrastructure to conduct surveillance and location tracking.
The attacks target SS7 and Diameter protocols—core systems that underpin global mobile networks. SS7 has been exploited for years by both state actors and criminal groups, while Diameter vulnerabilities represent a newer attack vector affecting 4G and 5G infrastructure.
These protocols handle critical functions including call routing, messaging, and authentication across carriers worldwide. Their weaknesses allow attackers to intercept communications and pinpoint targets' locations without requiring access to devices or carrier cooperation.
The dual campaigns signal that sophisticated threat actors continue to abuse these known flaws despite years of public disclosure. The ability to track individuals across multiple network generations—from older 2G infrastructure to cutting-edge 5G—demonstrates that network security gaps persist across the entire mobile ecosystem.
Telecommunications carriers have struggled to fully patch these vulnerabilities. Widespread remediation requires significant infrastructure upgrades, and many operators have deprioritized fixes due to costs and technical complexity. Legacy systems running 2G and 3G networks remain particularly exposed.
The findings underscore a fundamental challenge in mobile security: the protocols connecting carriers internationally were designed with minimal security considerations decades ago. Retrofitting protections onto this aging infrastructure has proven difficult and incomplete.
Citizen Lab's research joins mounting evidence that location tracking via telecom vulnerabilities represents an ongoing threat to journalists, activists, and other high-value targets. The group previously documented similar campaigns by government-linked actors exploiting these same weaknesses.
Mobile network operators and regulators face pressure to accelerate security upgrades, though the global scope of telecommunications infrastructure makes coordinated improvements difficult to implement.
Artificial intelligence is accelerating software development by removing friction between ideas and deployment. However, this speed comes at a cost: the traditional security checkpoints built into the development process are being bypassed.
Singaporean prosecutors have filed additional charges including money laundering against a suspect in an AI server fraud investigation. The case centers on the illegal diversion of Nvidia chips to unauthorized locations, including China.
Britain's foreign secretary is warning that artificial intelligence represents the most significant security challenge of the decade. He is calling for urgent development of regulatory guardrails to manage AI-related risks.
A website has been experiencing outages since May 17 due to bot spam overwhelming its infrastructure. The service has apologized to subscribers affected by the accessibility issues.