Вход на сайт

Просмотр новости

Найдите то, что Вас интересует

US Offers $10 Million Bounty for Information on Russian Hackers Targeting Signal and WhatsApp Users

Дата публикации: 30-06-2026 11:20:31

The U.
Thank you for being a Ghacks reader. The post US Offers $10 Million Bounty for Information on Russian Hackers Targeting Signal and WhatsApp Users appeared first on gHacks.


Основное содержимое страницы с новостью.

The U.S. Department of State has announced a reward of up to $10 million for information leading to the identification or location of members of the hacker groups UNC5792 and UNC4221.

These groups are linked to Russia's intelligence and military agencies. This offer is part of the State Department's Rewards for Justice program.

The groups have carried out extensive phishing campaigns targeting Signal and WhatsApp accounts of U.S. government officials, military leaders, and allied personnel.

UNC5792 is associated with the Russian Federal Security Service Border Guards, while UNC4221 is described as operating on behalf of Russian military services.

Last week, the FBI and CISA updated a March 2026 advisory with new tactics observed in attacks attributed to these groups.

What The U.S. Government Wants To Know

The U.S. government is seeking information regarding the UNC5792 group and their support personnel. They want details on the names, locations, biographies, and affiliations of these actors and their team members.

Additionally, they are interested in connections to Russian intelligence agencies, contractors, and third-party service providers. The request includes information about the group's operational infrastructure, such as domains, servers, hosting environments, data storage solutions, tools, frameworks, and software used.

They are also looking into funding sources, financial accounts, banking relationships, and payment methods. Finally, they seek details on cryptocurrency wallets, blockchain transactions, and financial networks that support the group's operations.

The attacks do not exploit vulnerabilities in Signal's or WhatsApp's encryption. Instead, they rely on social engineering tactics aimed at users to obtain access details.

According to FBI and CISA, attackers pose as Signal support representatives in direct messages, claiming a mandatory two-factor verification is needed.

This is a scam designed to persuade users to share their Signal Backup Recovery Key, which provides access to their previous communications on the platform.

Once the attackers have the backup key, they can restore the victim's Signal data to a device they control and view past messages.

The US government has confirmed that thousands of individual accounts have been compromised across both Signal and WhatsApp through these methods.

Who Is At Risk And How To Stay Protected

The main targets include:

  • US and NATO government officials, diplomatic and defense personnel, intelligence officials, policy analysts, journalists covering Russia and Ukraine.
  • NGOs supporting Ukraine, security researchers, and specialists in Russian affairs.

Although the focus is mostly on individuals in government and policy roles, the techniques employed can be modified to target any high-value person.

Users on Signal and WhatsApp should follow these practices to stay protected:

  1. Never share Signal Backup Recovery Keys with anyone, regardless of how legitimate the request appears.
  2. Be aware that Signal support never asks for verification codes or recovery keys within the app or through unsolicited messages.
  3. Treat any request to verify or restore your account via links or codes as likely phishing.
  4. Verify the source of any communication claiming to be from Signal or WhatsApp by visiting the official support page directly through the app or company website.
  5. Enable two-factor authentication for your accounts using a separate authentication app, not via SMS.
  6. Remain especially cautious if you work in or with government, defense, journalism, or NGO sectors, as these are common targets.

Signal's official support team communicates only through official email addresses and does not send in-app direct messages or outreach through unsolicited contacts.

How to Report Information About Russian Hackers

Anyone with information that could help identify or find members of UNC5792 or UNC4221 is encouraged to contact the Rewards for Justice program.

Tips can be submitted through its website or via encrypted channels designed for sensitive sources. The $10 million reward is among the highest offered by the program, indicating the serious and ongoing threat posed.

Past cases have seen rewards paid for information leading to the identification or capture of state-sponsored cyber actors.

The bounty announcement is part of the broader US response to Russian cyber operations targeting US and allied interests.

The attacks on Signal and WhatsApp do not indicate a vulnerability in the platforms themselves but show how attackers are adapting to encrypted messaging by targeting users directly instead of exploiting encryption.

For those not in the targeted groups, these attacks serve as a reminder that even highly encrypted messaging services can be compromised through social engineering.

Maintaining good operational security, such as being cautious with unsolicited messages and protecting recovery keys, remains important regardless of the strength of the encryption.

Add Ghacks as a preferred source on Google

Схожие новости

#Наименование новостиТональностьИнформативностьДата публикации
1Russian Hackers Bypass Signal and WhatsApp Encryption by Targeting Backup Keys0829-06-2026
2WhatsApp Opens Username Reservations Ahead of Later 2026 Launch0506-07-2026
3EU Court of Justice Upholds €4.1 Billion Google Android Antitrust Fine in Final Appeal0503-07-2026
4Microsoft Extends Windows Server 2022 Hotpatching Through October 20270530-06-2026
5Dota 2 Esports World Cup 2026 Runs July 7 to 19 in Paris With $2 Million Prize Pool0507-07-2026
6Alibaba Blocks Claude Code for Employees Over Hidden Tracking of Chinese Users Starting July 100508-07-2026
7Supreme Court Agrees to Hear Apple Appeal Over 27% External Payment Fee in Epic Contempt Case0502-07-2026
8Microsoft Cuts 3,200 Xbox Jobs and Spins Off Four Game Studios in Largest Xbox Reset-2707-07-2026
9Google Confirms Made by Google Event on August 12 for Pixel 11 and Pixel Watch 5 Launch0508-07-2026
10Chrome Adds Deep Google Wallet Integration for Passport, License, and Travel Document Autofill on iOS and Android0528-06-2026

Классификация: Пресс-релизы. Схожих патентов: 0. Схожих новостей: 10. Тональность: 0. Информативность: 5. Источник: www.ghacks.net.