The findings, published by the Israeli newspaper Haaretz, indicate that systems ranging from ancient networks built in the 1970s to modern 5G infrastructure were exploited as “tracking devices” using advanced spy tools.
According to the report, more than 15,700 attempts to locate phones have been recorded since November 2022 in countries including Thailand, South Africa, Norway, Bangladesh and Malaysia.
Documents reviewed by Haaretz indicate that Verint, the parent company of Cognyte, sold a tracking system known as SkyLock – based on the SS7 signaling protocol – to a government client in the Democratic Republic of the Congo.
The investigation also revealed that the Swiss telecommunications company “Fink Telecom Services” claimed that it enabled surveillance companies such as “Rizon Group” to impersonate mobile telecommunications companies and access old telecommunications networks.
In effect, this allowed users to be tracked by exploiting vulnerabilities in Signaling System 7 (SS7), a protocol originally designed to route calls and text messages and support international roaming.
The researchers said that the newer Diameter protocols used in 4G and 5G networks were also targeted, and among the techniques identified was “SIM hijacking,” where an invisible SMS is sent to the phone, causing the SIM to send location data without the user’s knowledge.
The report stated that the tracking operations were carried out through networks linked to the Israeli telecommunications companies 019Mobile and Partner Communications.
In addition, “019Mobile” announced that it is a virtual telecommunications company, and hinted at the possibility of its identity being impersonated, denying any involvement in the matter. However, there was no immediate response from Fink Telecom Services, Partner Communications, Cognyte or Verint regarding these findings.
The report raises broader concerns about vulnerabilities in the global communications infrastructure and the potential for cross-border misuse of surveillance technologies.
