Circles

Circles reportedly takes advantage of Signaling System 7 (SS7) weaknesses, the protocol suite used to route phone calls, to both track the location of mobile devices and intercept voice calls and SMS messages. It can be connected to a telecommunications company’s infrastructure or purchased as a cloud service. Circles has reportedly been linked to the NSO Group.[1]

ID: S0602
Type: MALWARE
Version: 1.0
Created: 26 April 2021
Last Modified: 26 April 2021

Techniques Used

Domain ID Name Use
Mobile T1449 Exploit SS7 to Redirect Phone Calls/SMS

Circles can intercept voice calls and SMS messages.[1]

Mobile T1450 Exploit SS7 to Track Device Location

Circles can track the location of mobile devices.[1]

References