How Iran spied on US troops via mobile networks during war to track exact location

1 hour ago

The suspected surveillance campaign took place in the weeks leading up to the US-Israeli military operation against Iran in late February and continued after Tehran retaliated with missile and drone attacks on American bases across the region.

Telecommunications data obtained from the Mobile Surveillance Monitor research project showed a surge in suspicious requests known as SS7 pings. (Photo: X@CENTCOM)

The Iran war may have unfolded on more than one battlefield. Alongside missile strikes and military operations, a covert cyber campaign by Iran tracked US troops and contractors through Middle Eastern mobile networks and smartphone data, according to a Financial Times report that cited telecom data, cybersecurity experts and officials familiar with the matter.

The report said the suspected surveillance campaign took place in the weeks leading up to the US-Israeli military operation against Iran in late February and continued after Tehran retaliated with missile and drone attacks on American bases across the region.

US lawmakers have repeatedly warned that weaknesses in global mobile phone systems and commercial location-tracking technology may have exposed American troops to surveillance during an active conflict.

CYBER CAMPAIGN TARGETED US PERSONNEL

According to the Financial Times, telecommunications data obtained from the Mobile Surveillance Monitor research project showed a surge in suspicious requests known as SS7 pings.

SS7 is an old signalling protocol used by telecom companies to help mobile phones connect while roaming outside their home networks. If manipulated, it can reveal the approximate location of a phone without the user's knowledge.

Two cybersecurity experts who reviewed the data told the newspaper that the volume and pattern of the requests pointed to a coordinated campaign aimed at identifying specific devices rather than random activity. Officials in Gulf countries suspected that Iran or groups aligned with Tehran exploited roaming agreements with regional telecom providers to locate US military personnel and contractors.

The report said Iranian mobile operators have roaming arrangements with networks across the Gulf, giving them the technical ability to send these requests beyond Iran's borders.

COMMERCIAL DATA ALSO UNDER SCRUTINY

The alleged surveillance campaign was not limited to telecom networks.

According to the report, US officials also believe actors linked to Iran misused commercially available smartphone advertising databases to identify the locations of phones in Iraq's semi-autonomous Kurdistan region.

Advertising technology routinely collects location information from smartphones to deliver targeted advertisements. security experts have long warned that the same data can be purchased or accessed to monitor individuals without directly hacking their devices.

Cybersecurity researcher Gary Miller of Citizen Lab said Iran has the capability to collect real-time location data.

"Iran absolutely has capabilities to get real-time, immediate, and continuous location information," Miller told the Financial Times.

"It would surprise me very much if Iran were not using SS7, or mobile network access in the region, to track US users."

Miller also reviewed parts of the telecom data and said at least some of the blocked tracking attempts appeared to originate from an Iranian mobile operator.

"This appears to be very specific user targeting," he said. "They are targeting specific devices."

FRESH ATTACKS RAISES QUESTIONS

During the conflict, Iran and Iran-backed groups launched attacks on several locations across Iraq, Bahrain and other Gulf countries where US military personnel and contractors were stationed.

Some attacks reportedly struck hotels used to accommodate American personnel.

However, the investigators have not established a direct link between the digital surveillance campaign and individual missile or drone strikes.

Experts said military targeting typically relies on several intelligence sources, including satellite imagery, human informants and publicly available online information.

CENTCOM WARNS OF LOCATION DATA EXPLOITATION

However, US Central Command acknowledged that the threat was taken seriously.

The command told US Congress in April that it had "received multiple threat reports concerning adversary exploitation of commercial location data to target or surveil US personnel in theatre".

Centcom also said it had "took unprecedented force-protection measures that we are unable to discuss in order to ensure that our forces remain safe".

A separate US official cautioned against overstating the role of digital tracking.

"Any claim suggesting data tracking played a significant role in attacks...is a departure from the facts," the official said.

LONG-STANDING SECURITY GAP

The report said concerns about digital surveillance are not new.

According to a 2024 review by the US Department of Defense Office of the Inspector General, the military has yet to fully close security loopholes affecting smartphones issued to service members.

Former CIA official Michael Stokes said the problem has troubled the US intelligence community for more than a decade.

He explained that modern smartphones constantly generate what he described as a "digital exhaust" that includes location data, contacts, movement patterns and other information.

Even if a phone itself is never hacked, this data can reveal sensitive information about its user.

- Ends

Published By:

Satyam Singh

Published On:

Jul 14, 2026 19:11 IST

Read Full Article at Source