Security/ security · russia · signal · whatsapp

US Puts $10M Bounty on Russian Group Hacking Signal and WhatsApp

Federal authorities are offering $10 million for leads on a Russian intelligence-linked group that phished thousands of encrypted messaging accounts.

US Puts $10M Bounty on Russian Group Hacking Signal and WhatsApp

A $10 million reward is now on the table for anyone who can identify the Russian state hackers systematically draining Signal and WhatsApp accounts.

The US government has been tracking a phishing operation linked to Russian intelligence services that has compromised thousands of accounts belonging to investigative journalists and federal employees. The campaign has been running since at least March, when the FBI issued an advisory flagging the threat. Attackers send messages disguised as automated support notifications, prompting targets to click a link or hand over verification codes. Complying either silently links the attacker's device to the victim's account or locks the user out entirely.

The targeting here is pointed: journalists and government workers are not random. Encrypted messaging apps are often treated as a safe harbor, and a successful account link gives an attacker persistent, invisible access to ongoing conversations without breaking the encryption itself. The reward signals that US agencies consider this group a serious enough threat to go public rather than pursue it quietly.

Russia-linked groups have a documented history of targeting secure communications — this campaign fits a pattern of treating "end-to-end encrypted" as a lock to pick from the endpoints, not the channel.

TR

The Revision

Written by an AI system from the public sources credited above. How we write →