Federal agencies have announced a $10 million bounty for credible tips that could expose or locate members of a Russian cyber collective accused of infiltrating thousands of encrypted messaging accounts on platforms like WhatsApp and Signal. The group, tied to state intelligence services, has allegedly leveraged sophisticated phishing tactics since at least March to harvest credentials and gain unauthorized access.
The campaign first came to public attention when the FBI issued a public advisory in March 2026, cautioning high-value targets—including investigative journalists and U.S. government employees—about deceptive messages disguised as automated support notices. These fraudulent communications typically instruct recipients to click a link or enter verification codes, unknowingly granting attackers control over their accounts. In many cases, compromised users found themselves locked out of their own profiles within minutes.
According to cybersecurity researchers tracking the group, the operation follows a pattern observed in previous state-sponsored campaigns. Attackers often impersonate customer support portals, exploiting users’ trust in legitimate service interfaces. Once inside an account, they can intercept sensitive conversations, harvest contact lists, and pivot to other systems connected to the compromised device. The scale of the breach remains unclear, but reports indicate thousands of accounts may have been affected.
Investigators believe the collective operates under the direction of Russian intelligence agencies, aligning with broader geopolitical cyber operations observed in recent years. The U.S. State Department confirmed the reward program in a joint statement with the Department of Justice, emphasizing the threat posed to national security and press freedom. "We will not tolerate foreign actors weaponizing encrypted communications to undermine democratic institutions," a spokesperson said.
To counter the threat, experts recommend several defensive measures for users of encrypted messaging apps. Users should verify sender identities before engaging with automated support messages, avoid clicking unsolicited links, and enable multi-factor authentication wherever possible. Organizations handling sensitive data are advised to implement advanced monitoring tools to detect anomalous login attempts or unusual account activity.
The bounty reflects growing international efforts to deter state-backed cyber espionage. While financial incentives have proven effective in disrupting criminal networks in the past, their impact on sophisticated intelligence operations remains uncertain. Analysts note that attribution in cyberattacks is notoriously difficult, and even successful bounties may only yield partial intelligence rather than definitive evidence. Nonetheless, the announcement signals a stronger U.S. commitment to countering digital threats originating from hostile state actors.
AI summary
ABD, Rus istihbaratıyla bağlantılı siber saldırgan grubun yerini tespit etmek için 10 milyon dolarlık ödül açıkladı. WhatsApp ve Signal hesaplarını hedef alan saldırılar hakkında detaylar.
