WikiLeaks has published a classified malware for that tracks geo-location of targeted PCs and laptops running the Microsoft Windows operating system. The ELSA Malware does it by capturing the IDs of nearby public hotspots and then matching them with the global database of public Wi-Fi hotspots’ locations. The malware does not require the targeted computer to be connected to the Internet, only requires the malware to be running on a device running with Wifi enabled. The information collected is then stored in encrypted form on the targeted device for later exfiltration.
Source: https://thehackernews.com/2017/06/wikileaks-cia-malware-geolocation.html