Back

Geolocation Surveillance Tech Webloc Raises Privacy and Security Concerns

Severity: High (Score: 69.8)

Sources: elfaro.net, therecord.media, News.Risky.Biz, citizenlab.ca, vsquare.org

Summary

The Citizen Lab report details the capabilities of Webloc, an ad-based geolocation surveillance tool developed by Cobwebs Technologies and sold by Penlink. This technology allows access to data from up to 500 million mobile devices, enabling surveillance on individuals without warrants. The U.S. Immigration and Customs Enforcement (ICE) has contracted to use Webloc, prompting calls from 72 U.S. Congress members for an investigation into warrantless data purchases. The report highlights the use of Webloc by various law enforcement agencies, including the U.S. military and local police departments. Additionally, it confirms that Hungary's domestic intelligence has utilized Webloc since at least 2022. The report raises alarms about the implications for civil liberties and privacy rights as ad-based surveillance technologies proliferate. The situation is compounded by reports of a hacker breaching multiple Mexican government agencies using AI tools, indicating broader vulnerabilities in government cybersecurity. Overall, the report emphasizes the urgent need for regulation of such surveillance technologies. Key Points: • Webloc enables tracking of 500 million mobile devices without warrants. • ICE's use of Webloc has prompted congressional calls for an investigation. • Hungary's intelligence services have confirmed the use of Webloc since 2022.

Key Entities

  • Guacamaya (apt_group)
  • Candiru (apt_group)
  • Data Breach (attack_type)
  • Malware (attack_type)
  • Phishing (attack_type)
  • Pegasus Project (campaign)
  • Australia (country)
  • Austria (country)
  • Brazil (country)
  • Bulgaria (country)
  • China (country)
  • Government (industry)
  • NiceTrack (malware)
  • Pegasus (malware)
  • T1021 - Remote Services (mitre_attack)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1566.002 - Spearphishing Link (mitre_attack)
  • Google (company)
  • Instagram (platform)
  • Linux (platform)
  • Tangles (platform)
  • Trapdoor (platform)
  • Windows (platform)
  • Lynx (ransomware_group)
  • Webloc (tool)
  • Claude Code (tool)
  • CoAnalyst (tool)
  • Custom Python Tool (tool)
  • Full AI (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed