The US State Department has announced a reward of up to 10 million dollars for information that will help identify or locate members of two hacking groups linked to the Russian security services.
The US authorities are seeking information on groups tracked as UNC5792 and UNC4221. According to US intelligence, the former is linked to the Border Guard Service of the Russian Federal Security Service (FSB), whilst the latter operates on behalf of Russian military bodies.
Hackers specialise in attacks via popular messaging apps — Signal and WhatsApp. They carry out large-scale phishing campaigns targeting current and former government officials in the US and allied countries, military personnel, journalists, politicians and key figures in Ukraine. The attackers compromise accounts to gain access to correspondence, but do not break the apps’ encryption itself.
In recent months, the attacks have evolved: hackers are using fake support bots to persuade users to create backups of their chats and then trick them into revealing the encryption keys for those backups, thereby gaining access to old messages.
‘These groups continue to pose a serious threat to the national security of the US and its partners,’ US authorities note. A reward is being offered for any useful information: names, biographical details, locations or other information that will help in identifying and apprehending members of these groups.
This move by the US highlights the growing tensions in the field of cyber security between Washington and Moscow. The Russian side has traditionally rejected allegations of state involvement in cyber-attacks, describing them as unsubstantiated.
US intelligence agencies, including the FBI, are urging anyone with relevant information to contact them immediately. A reward may be paid for information leading to an arrest or a significant breakthrough in the investigation.
