A Citizen Lab investigation cited by the Israeli newspaper Haaretz has revealed that Israeli telecommunication firms were used to track mobile phone users more than 15,000 times across more than 10 countries over the past three years. The digital research group described two separate covert operations designed to monitor the locations of mobile users, both of which were likely run by commercial surveillance firms selling their technologies to governments around the world. Citizen Lab’s findings exposed how suspected commercial surveillance vendors exploit the global telecom interconnect system, leverage private operator networks, and conduct location tracking operations that can persist undetected for extended periods.
The first operation made use of geolocation technology to track targets through networks belonging to two Israeli companies, 019Mobile and Partner Communications. Researchers identified more than 500 location-tracking attempts between November 2022 and 2025 across Thailand, South Africa, Norway, Bangladesh, Malaysia, and several other African countries. In one documented case, a businessman from West Asia was methodically tracked for four hours by a company that queried the international phone system on behalf of clients to locate him. That tracking attempt, along with dozens of others, appeared to have passed through the servers of 019Mobile, with mobile network addresses registered to the company used to send location-tracking requests through Partner Communications’ infrastructure. A separate tracking request was also routed through Exelera Telecom, an Israeli company providing cloud and communications services.
The second operation was more sophisticated in nature and involved a Swiss telecom company that allowed firms, including Rayzone, to impersonate cellular carriers and connect to mobile networks to track users across the globe. This operation relied on SS7, an older telecom signaling protocol originally designed to route calls and text messages, enable international roaming, and connect different mobile operators. The use of SS7 for surveillance purposes has been a known vulnerability for years, but Citizen Lab’s findings also showed that spyware firms are now exploiting newer signaling systems such as Diameter, a mobile network system that connects cellular users to fourth-generation international roaming and fifth-generation networks, which was specifically designed to be more secure than its predecessor. One method documented in the investigation involves exploiting vulnerabilities in subscriber identity module cards to send a hidden text message to a target device, containing a secret command that prompts the card to transmit the device’s location without the user’s knowledge. The combined use of both old and new signaling systems effectively means that upgrading telecom infrastructure alone is insufficient to protect users from covert location tracking at the hands of commercial surveillance operators.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
