Forgot your password?
typodupeerror
Security The Military Privacy

Iran Abused Mobile Networks' Vulnerabilities To Locate US Military In Middle East (techcrunch.com) 78

An anonymous reader quotes a report from TechCrunch: The Iranian government abused well-known vulnerabilities in the global telecoms infrastructure to locate U.S. military personnel in the build-up to the Iran War, as well as in the early days of the conflict, according to Financial Times. The Iranian government exploited Signaling System 7, or SS7, a set of protocols for 2G and 3G networks that has long been the backbone of how cellular networks connect to each other to route subscribers' calls and texts around the world, the newspaper reported, citing research by the Mobile Surveillance Monitor, as well as anonymous government officials with knowledge of the spy campaign.

Intelligence agencies have long abused SS7 to track cellphones abroad, which is what happened in this campaign. Using this technique, Iran was reportedly able to locate U.S. military forces stationed in military bases as well as hotels in Iraq, Bahrain, and other countries in the Middle East, which allowed the regime to strike them. These attacks resulted in several injuries. Apart from SS7, Iran also abused advertising technology used to serve tailored ads to cellphone users, another well-known surveillance technique that relies on everyday technology.

Iran Abused Mobile Networks' Vulnerabilities To Locate US Military In Middle East

Comments Filter:
  • Wahhh! (Score:5, Insightful)

    by locater16 ( 2326718 ) on Tuesday July 14, 2026 @11:58PM (#66239068)
    People we don't like "abused" the thing we were abusing, that's not fair, make them stop, make them stop in a way that allows us to keep abusing the same thing, waaahhh!
    • Re:Wahhh! (Score:5, Insightful)

      by sit1963nz ( 934837 ) on Wednesday July 15, 2026 @12:25AM (#66239076)
      WAHHHH...DJT can say he wants Venezuela and invade, Greenland and threaten to invade, Canada and say it's the 51st state..... but anyone else who might say "We control the state of Hormuz" is an illegal terrorist, only DJT can do that....WAHHHHH
      • by Epeeist ( 2682 ) on Wednesday July 15, 2026 @03:00AM (#66239152) Homepage

        Both Putin and Trump have started wars that they cannot win, and from which they cannot withdraw without an enormous loss of face.

        The only difference is that Putin's war only effects Russia's economy, while Trump's war effects the whole world.

      • You had me at "State of Hormuz." I guess that's the 52nd State? And then later after Puerto Rico becomes the 51st State, they can recycle deep state to mean Hormuz. Which is course encompasses Canada, because... pizza.

        There's too much stupid to go around on this one. So much stupid to go around that the media wanted their turn with this story!

        If you can't find a negotiated military base on a map... you're probably too stupid to "abuse" radio transmissions until the radio trannies show you their documents an

      • by Anonymous Coward

        The delicious irony is of course, those people wouldn't be asserting control of Hormuz if DJT hadn't thrown his weight around in the first place. It could still be an open waterway with hundreds of container ships traversing it daily. Iran would have been no closer to an nuclear weapon than they are today, and America could have been *billions* better off at this point.

        Oh well.. elections have consequences and all that. It's just a shame so many of us that have been affected weren't allowed to vote.

        • > America could have been *billions* better off at this point.

          Weapons manufacturers and Big OIl are billions better off now. All patriotic Americans should consider that a win, right?

    • Re: (Score:3, Informative)

      by dunkelfalke ( 91624 )

      It's a little unfair. You win a war, but they have no right to be doing what they're doing.

      The orange shitgibbon literally said that.

    • Nobody is crying or asking them to stop, they haven't actually succeeded at counter-attacking anything.

      I know it takes two brain cells to rub them together, but come on... you can simulate a cockroach with two transistors, try to at least simulate having two real brain cells.

  • Israel probably (Score:5, Interesting)

    by detritus. ( 46421 ) on Wednesday July 15, 2026 @12:23AM (#66239074)

    Israel has been known to abuse the ss7 network in the United States and spying on our own government personnel. I doubt Iran did this. I'm far likely to believe it was an Israeli attempt to get the United States to strike Iran.

  • by yanestra ( 526590 ) on Wednesday July 15, 2026 @12:43AM (#66239094) Journal
    I guess this is from the Quick Thinker Department. Usually the time between problem observation and soluition is another 20 years.
    • I guess this is from the Quick Thinker Department. Usually the time between problem observation and soluition is another 20 years.

      Funny. You're 30 years too late. SS7 dates to the early days of network routing where security simply wasn't remotely a consideration. Much like you could trace packets to the target of a TCP/IP connection, and see which device responds to IP pings, this is a network feature.

      If you told anyone 20 years ago, it'll have been 25 years after the protocol was developed. And the issue with this now is what do you do about it? Do we break fundamental backwards compatibility with SMS (probably the most reliable mob

  • The Iranians are well known (well, know to anyone with clue) to have a very competent cyber organization hacker organization (among the best). Bad on the US (or more specifically, their leadership) if they did not expect to be hacked, and planned accordingly.
    • by Anonymous Coward
      what did you expect them to do? Take out the phone networks of their allies"as hotels in Iraq, Bahrain, and other countries in the Middle East," at the start of the war?
      That's really going to make them want to help you.
      And it worked.
      All of them want to help America.
      None of them want to help Iran.
      • We are all witnessing, with Iran, what happens when a country does not "want to help" the US. This is the mob making an example so that everyone else in the neighbourhood knows whose side they should be on. Remind me, why do the US need to have a military presence in that region of the world again?

      • by Sique ( 173459 )
        We expected them 20 years ago, when all people working in the field knew already that SS7 needs security safeguards, not to sit on their hands and do nothing.
        • You are being unfair. The vulnerabilities in SS7 had been there for years. There was lots of work in GSM to try to improve them and, for example, the MAP protocol which was layered on top of SS7 uses temporary identifiers to make it difficult to track people. The experts didn't do nothing. They actively impeded some of that work and they took away time that could be used for validating and identifying vulnerabilities in other parts of that work.

          The basic vulnerabilities in SS7 can be reduced by using SIGTRA

    • Re: (Score:3, Interesting)

      by Bahbus ( 1180627 )

      Iranians are well known to have a very competent cyber organization hacker organization (among the best).

      Iranian hackers are mid-tier at best. It isn't hard to hack into SS7 - it's a shitty protocol with a lot of vulnerabilities. It's why 4G and 5G don't use SS7. The US doesn't even use 2G and 3G anymore, but of course, the stupid phone manufacturers leave them in for unnecessary backwards compatibility.

      I'm not willing to call Iranians competent until they do something that actually requires some skill and intelligence.

      • > unnecessary backwards compatibility.

        Unnecessary?
        https://www.skoda-auto.com/con... [skoda-auto.com]

        Do not underestimate the amount of devices still relying on 2G/3G, not every industry has a turnaround of 5 years.

        • by Bahbus ( 1180627 )

          Too fucking bad. I don't give a shit about legacy devices relying on 2G/3G. Not to mention this has nothing to do with backward compatibility of newer devices. For example, the cars you linked need the 2G/3G networks to do specific functions. Newer devices do not *need* to communicate on these older networks. At all. For any reason. And more specifically, nothing the US military uses should be using 2G/3G networks - they are inherently terrible networks and cannot be secured at all.

          Skoda should issue a reca

          • by PPH ( 736903 )

            Too fucking bad. I don't give a shit about legacy devices relying on 2G/3G.

            If you are a cellular operator, you should. A few decades ago, our local utility started a switch over from their own proprietary mesh meter reading network to a 2G/3G GPRS system. They got a ways into switching a few hundred thousand meters over when they got the AT&T memo: We're switching to 4G/5G. They went back and reinstalled their mesh network. Fool me once, shame on you. Fool me again, shame on me.

            AT&Ts law enforcement network was even worse. They conned our region's police forces to switch

            • by Bahbus ( 1180627 )

              A few decades ago, our local utility started a switch over from their own proprietary mesh meter reading network to a 2G/3G GPRS system.

              Your local utility was apparently run by morons.

              AT&T

              also sucks dick in general. Your police dept or whoever all approved that switch; also morons.

  • by sleschdott ( 2110488 ) on Wednesday July 15, 2026 @02:16AM (#66239134)

    Backdoors can and will be used against you... regardless of your original intentions when mandating them.

    • None of this is a backdoor. It's abuse of a network protocol capability designed in the 70s when security just wasn't a word associated with anything electronic.

      • So... They haven't had 50+ years to fix this? Cap'n Crunch would be happy that inband signalling is still alive and kicking.

  • Not surprised that someone exploited a vulnerability, but surprised that deployed military personnel are allowed to use civilian communication systems.

    • by PPH ( 736903 )

      Just try to pry that electronic fidget toy out of zoomers hands and watch the ensuing crying and blubbering.

  • by gweihir ( 88907 ) on Wednesday July 15, 2026 @03:31AM (#66239194)

    An enemy in a war does not "abuse" your weaknesses. They are "using" them if they are competent. And on the other side? Simple: Having these vulnerabilities is stupid. But the whole war is excessively stupid on the US side. Not the most stupid war ever fought, but probably up in the all-time top-10. And to think the only reason for that war is that a multiple-felon president needs to hide how he raped children.

    • Abuse is abuse, even if it is a feature, so long as that feature is being used for purposes other than what it was intended for.

  • Sigh. (Score:5, Insightful)

    by ledow ( 319597 ) on Wednesday July 15, 2026 @03:46AM (#66239214) Homepage

    I'll say it again:

    Active military personnel carrying around standard mobile phones is such a breach of all kinds of basic security protocols that it should be illegal.

    But can't let the troops get bored, eh? Have to let them do their fitbit on board your cruiser that you're trying to keep secret, and have them checking into Facebook while they're in Helmand province, and giving away their movements when they're running around your bases at home, and having an always-on device capable of tracking and recording everything from audio to the radiowaves to location, made by the Chinese, wherever they go.

    Dumbest fucking idea ever.

  • Do what we say, don't do what we do
  • Funny how if it's someone we like, they used it. But if it's someone we don't like, they abused it.

  • No rules, no excuses.

"I just want to be a good engineer." -- Steve Wozniak, co-founder of Apple Computer, concluding his keynote speech at the 1988 AppleFest

Working...