How Global Surveillance Tracking Used Telecom Flaws to Hunt Dissidents, CEOs and Public Figures
What looked like a niche telecom service turned out to be a tracking machine that touched intelligence outfits, private contractors and celebrity circles
For years, public debate on surveillance focused on names like Pegasus and Intellexa. What slipped through was First Wap, also known as Altamides, a firm that specialized in exploiting the SS7 telecom protocol. A leaked archive showed more than a million tracking attempts across over one hundred countries.
The records documented how a Vatican journalist was followed hundreds of times, how Anne Wojcicki, a Silicon Valley biotech founder, was tracked more than a thousand times, and how Erik Prince, a former private military contractor, appeared in the logs. Even an American actor, Jared Leto, showed up in the traces, alongside defense executives, dissidents, and ordinary citizens who never expected their phone use to be monitored. Bashar al-Assad, the Syrian head of state, was among those listed, showing the range spanned from celebrities to political leaders.
How the network was built
Altamides made use of SS7, a signaling protocol designed in the 1970s to connect phone calls across networks. SS7 was never designed with security in mind, and once a company had access to it, the commands could locate a device, intercept messages, or reroute calls. First Wap ran out of Jakarta but routed business through shell firms in Liechtenstein and other jurisdictions. Resellers like KCS Group offered the service to clients, insulating the core company from direct exposure. The approach blurred commercial surveillance with intelligence work. Pegasus and other spyware grabbed headlines, but Altamides worked through the network itself, cheaper and harder to trace.
Targets and uses
The leaked records showed a troubling range of clients. Religious figures, technology founders, corporate defense executives, and celebrities were swept up. Some regimes used the access to monitor political opponents, while private contractors and investigators offered it for hire. The archive made clear that this was not limited to government buyers. Once a tool like this exists, it migrates into other hands. That migration happened here: a system built for state intelligence became a service for anyone willing to pay.
Why the law failed
Telecom regulators knew SS7 had weaknesses, but the system was too deeply embedded in global networks to replace. Roaming still depended on it. Companies had little incentive to shut down profitable gateways. Export laws required licensing for spyware, but not for telecom signaling. Vendors routed contracts through fronts in Southeast Asia and Europe, creating plausible deniability. By the time public focus turned toward spyware, the quieter network exploitation persisted, largely unchecked.
The Linus demonstration
Years after the Altamides system reached global scale, A public test by Veritasium’s Derek involving Linus Sebastian, a technology content creator with a large online following, showed how the same network vulnerabilities could be exploited in public. His phone was never touched, yet his calls were rerouted, his text messages intercepted, and his two factor authentication codes captured. What governments and contractors had done in secret, a group of demonstrators replicated openly. That proved the barrier to entry was not as high as once assumed. If a tech host can be tracked without a device compromise, so can anyone else. The demonstration tied the systemic risk back to the everyday user, not just the famous or powerful.
Fragmented futures
Instead of predicting one direction, it is more useful to track a few emerging paths.
Legal pressure in narrow lanes
In some regions, regulators will likely tighten audits. They may demand telecom operators block specific SS7 commands or log every access request. Data brokers might be forced to reveal their clients. These steps will work in places with capacity to enforce them, but not everywhere.
Commercial retreat into darker channels
Vendors that feel pressure in Europe or North America will shift to buyers in regions with weaker oversight. They will market services through intermediaries, shield contracts behind shell firms, and make surveillance capacity available through private sales. That will not reduce use, only push it further from view.
Exposure by investigation
Civil society groups, courts, and journalists will continue to surface leaks, procurement contracts, and case files that document abuse. Each revelation adds to the record, even if it does not halt the practice. The Mother Jones reporting on Altamides shows what can be learned when archives surface.
Adaptation by institutions
Telecom companies may quietly reroute sensitive traffic, restrict certain commands, or invest in new layers of protection. They will do so less for moral reasons than to limit liability. This form of adaptation will not be announced, but its effects will be felt in the narrowing of what attackers can do cheaply.
The human cost
These systems are not evenly distributed. They concentrate risk. The Vatican journalist tracked hundreds of times lived under pressure that most people never face. A celebrity can shrug off a leak, but a dissident cannot. A defense executive may have resources to respond, while a local activist does not. Surveillance erodes unevenly, cutting deepest where power already tilts against the subject.
What accountability would look like
Meaningful safeguards would require independent audits of telecom operators, transparency on who buys location data, and legal rights to challenge how identifiers are linked and analyzed. Courts would need to see the technical methods used in criminal cases. Civil suits could pressure resellers who broker access. Without such moves, drift will continue. Surveillance capacity will expand until the distinction between state, corporate, and private use collapses completely.
Closing reflection
Global surveillance tracking is not hypothetical. The Altamides leak documented its global reach, naming political leaders, corporate executives, celebrities, and dissidents who were followed without consent. The Linus demonstration showed the same weaknesses applied to a public figure with no state-level adversary. Together they reveal a system that is both systemic and personal. The question is whether institutions will confront it directly, or whether society will accept a future where visibility is dictated by who has the money and access to see.
Go to TECHTRENDSKE.co.ke for more tech and business news from the African continent.
Mark your calendars! The GreenShift Sustainability Forum is back in Nairobi this November. Join innovators, policymakers & sustainability leaders for a breakfast forum as we explore sustainable solutions shaping the continent’s future. Limited slots – Register now – here. Email info@techtrendsmedia.co.ke for partnership requests.
Follow us on WhatsApp, Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to editorial@techtrendsmedia.co.ke
TechTrends Media Podcasts
