Security researchers from the Citizen Lab have identified two separate spying campaigns that exploited weaknesses in global telecoms infrastructure to track people's locations. The campaigns, which were not named, operated as “ghost” companies that pretended to be legitimate cellular providers and used their access to these networks to access their location data. The findings reveal continued exploitation of known flaws in global phone networks, such as the insecurity of Signaling System 7, or SS7, a set of protocols for 2G and 3G networks. The newer protocol, Diameter, was designed for newer 4G and 5G but still allows attackers to exploit SS7. Both campaigns abused access to three telecom providers, including Israeli operator 019Mobile, British provider Tango Networks U.K. and Airtel Jersey, a company owned by Sure, whose networks have been linked to prior surveillance campaigns. The researchers concluded that the campaigns were a deliberate and well-funded operation with deep integration into the mobile signaling ecosystem.