U.S. State Department Issues $10M Bounty for Russian Actors Targeting Signal and WhatsApp
The U.S. Department of State has issued a $10 million reward for intelligence identifying Russian state-sponsored threat clusters UNC5792 and UNC4221. These actors execute sophisticated smishing and phishing campaigns to compromise Signal and WhatsApp accounts, specifically targeting diplomatic, military, and journalistic personnel. Technical execution involves the deployment of credential theft malware and session hijacking tools to bypass end-to-end encryption (E2EE) security architectures. The operations leverage specialized Command and Control (C2) infrastructure and account takeover (ATO) templates to intercept sensitive communications, necessitating the adoption of hardware-based security keys and strict account recovery verification.