US Offers $10 Million Bounty for Russian State Hackers as Messaging App Attacks Evolve

The US government is offering rewards of up to $10 million for information on individuals associated with two threat actors linked to Russian intelligence.

Publicly tracked as UNC5792 and UNC4221, the cyber groups have been targeting current and former US government officials and military leaders, allied personnel, journalists, political figures, and key officials located in Ukraine.

The threat actors have been conducting phishing campaigns targeting commercial messaging applications (CMAs), a March alert from CISA and the FBI shows.

Posing as automated CMA support accounts, the hackers lure victims into clicking on a link or sharing verification codes to take over their accounts on messaging platforms such as Signal and WhatsApp.

In a fresh update, CISA and the FBI warn that the attackers have renewed their tactics and are now asking victims for their Backup Recovery Keys to access historical conversations as well, including private and group messages.