Iran Exploited SS7 Mobile Network Flaws to Track US Troops, Coinciding With Strikes on US Forces, Report Says
- SS7 Exploited: Iran allegedly abused Signaling System 7 networks vulnerabilities to locate U.S. military personnel.
- Strikes Enabled: The suspected surveillance coincided with strikes on U.S. forces at bases and hotels, causing several injuries.
- Ad Tech Abused: Iran-linked actors are also believed to have exploited advertising technology to track cellphone users in Iraqi Kurdistan.
The Iranian government exploited well-known vulnerabilities in global telecoms infrastructure to locate U.S. military personnel in the buildup to the Iran war and during the early days of the conflict, the Financial Times (FT) alleged, citing research from the Mobile Surveillance Monitor project and anonymous government officials.
Iran May Have Exploited SS7 Protocol Weaknesses Across the Gulf
Iran reportedly exploited Signaling System 7, or SS7, a set of protocols that handles subscriber calls, texts, and roaming routing. Data shared with FT allegedly showed regional telecom networks fending off a wave of SS7 "pings."
Gulf officials suspected Iran or its allies of exploiting roaming agreements with local phone providers, according to a person familiar with the matter.
Gary Miller, a senior research fellow at Citizen Lab who in April analyzed global telecom exploitation by surveillance actors, said at least some of the tracking attempts could be linked to an Iranian mobile phone operator and described the activity as "very specific user targeting."
Tracking Coincided With Strikes on U.S. Forces
Using this technique, Iran was reportedly able to locate U.S. military forces stationed at bases as well as hotels in Iraq, Bahrain, and elsewhere in the Middle East, as Iran and Iran-backed militias struck several hotels in the region during the war.
Experts cautioned that further investigation is needed to attribute specific attacks to the digital surveillance, noting that human spotters, personnel's own hotel reviews, and social media posts could also be possible intelligence streams.
U.S. Central Command told Congress it had "received multiple threat reports concerning adversary exploitation of commercial location data to target or surveil US personnel in theatre," while a separate U.S. official pushed back, stating any claim that data tracking played a significant role in attacks "is a departure from the facts."
Advertising Technology Also Allegedly Abused
Beyond SS7, actors linked to Iran are believed to have used commercially available advertising databases to track phones in Iraqi Kurdistan, a U.S. official told FT. Rep. Pat Harrigan (R-NC) said legislation is needed to stop tech companies from selling location data tied to government personnel.
Sen. Ron Wyden (D-OR) said he has warned successive U.S. administrations for years about the national security risks posed by these vulnerabilities, citing a DHS presentation that previously identified Iran among the "primary countries" using SS7 to target U.S. subscribers.
A Wyden letter in May explicitly noted that government contractors briefed military leadership in 2016 on the ease of tracking smartphones owned by military members, as adversaries exploit geolocation data via ad profiles.
In October 2025, U.S. researchers uncovered massive unencrypted satellite leaks affecting calls, texts, and military data.






