Impersonate SS7 Nodes
Adversaries may exploit the lack of authentication in signaling system network nodes to track the location of mobile devices by impersonating a node.(Citation: Engel-SS7)(Citation: Engel-SS7-2008)(Citation: 3GPP-Security)(Citation: Positive-SS7)(Citation: CSRIC5-WG10-FinalReport)
Senses
Sense 1
Adversaries may exploit the lack of authentication in signaling system network nodes to track the location of mobile devices by impersonating a node.(Citation: Engel-SS7)(Citation: Engel-SS7-2008)(Citation: 3GPP-Security)(Citation: Positive-SS7)(Citation: CSRIC5-WG10-FinalReport)
By providing the victim’s MSISDN (phone number) and impersonating network internal nodes to query subscriber information from other nodes, adversaries may use data collected from each hop to eventually determine the device’s geographical cell area or nearest cell tower.(Citation: Engel-SS7)
- MITRE ATT&CK (Mobile, CTI STIX Data)Jan 06, 2026MITRE ATT&CK CTI (STIX bundle)https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/mobile-attack/mobile-attack.jsonSee repository LICENSE.txt for ATT&CK terms: non-exclusive royalty-free license; reproduce MITRE copyright + license in copies. Verify requirements before publishing quoted text.Source: MITRE ATT&CK (attack-stix-data).