U.S. President Donald Trump poses for a selfie with a soldier during a Thanksgiving dinner on a surprise visit to Bagram Air Base in Afghanistan on Nov. 28, 2019. (Credit: Olivier Douliery/AFP)
Iran allegedly exploited telecommunications networks across the Middle East to track U.S. soldiers and contractors, according to a report by the Mobile Surveillance Monitor reviewed by the Financial Times and later by The New York Times.
The tracking attempts reportedly began as early as February, before the start of the war, and continued during its first days. Researchers detected large-scale SS7 requests targeting regional telecommunications networks.
These requests exploit vulnerabilities in older mobile network infrastructure, allowing entities with legitimate access to obtain the approximate location of connected phones.
Experts say the repeated waves of requests indicate a coordinated campaign. At least some of the blocked attempts have been linked to Iranian operators, according to the report.
Iran had targeted hotels housing American troops in Iraq and Bahrain during the U.S.-Israeli war on its territory, but it is unclear whether intelligence gathered through these cyber operations was used in those attacks.
The U.S. Department of Homeland Security has identified Iran as one of the main countries using SS7 requests to target American subscribers, Democratic Sen. Ron Wyden of Oregon told the Financial Times.
Known vulnerabilities
The use of international roaming by U.S. personnel in the region could therefore pose a security risk. Iranian-linked actors are also believed to have purchased commercial advertising databases to track mobile devices in Iraq's Kurdistan region.
In April, U.S. Central Command (CENTCOM) told Congress it had received "multiple reports of threats relating to the exploitation by adversaries of commercial location data to target or monitor U.S. personnel in the theater of operations." The command said it had implemented unprecedented protective measures.
According to the Financial Times, a U.S. official rejected claims that location tracking played a major role in the attacks. Another vulnerability comes from commercially available advertising technology. Smartphone manufacturers assign advertising identifiers to devices, allowing companies to track users for targeted marketing purposes.
Although no specific case has directly linked Iranian targeting of U.S. troops to these tracking methods, the issue could reignite debate within the U.S. security community. The Pentagon acknowledged in 2024 that it had not fully addressed this vulnerability on phones provided to military personnel.