The US State Department has placed a $10 million bounty on two Russian state-backed hacking groups, UNC5792 and UNC4221, for their ongoing cyber attacks targeting US government officials, military leaders, and allied personnel. The reward, announced via the State Department's Rewards for Justice program, seeks information leading to the identification or location of individuals working with these threat actors.
The groups have focused their efforts on compromising messaging applications used by high-value targets, according to SecurityWeek. The attacks appear to be part of a broader Russian intelligence campaign aimed at gaining persistent access to sensitive communications within US and allied government networks. Specific details on the total number of victims or systems affected remain undisclosed.
UNC5792 and UNC4221 employ advanced social engineering tactics and exploit vulnerabilities in popular messaging platforms to deliver malware. Once initial access is achieved, the actors move laterally through networks to exfiltrate sensitive data and establish long-term persistence. The groups have been observed using custom malware variants and leveraging legitimate tools to avoid detection.
No specific patches or software updates have been announced, as the attacks rely on exploiting user behavior rather than specific technical vulnerabilities. The US government recommends that officials and military personnel use encrypted communication platforms with strict access controls, enable multi-factor authentication, and exercise caution when receiving unsolicited messages or links.
The bounty announcement underscores an evolving threat landscape in which messaging apps have become prime vectors for state-sponsored espionage. While the $10 million reward signals the seriousness of these campaigns, some cybersecurity experts note that bounties have historically had limited success in disrupting well-resourced state intelligence operations, as Russian agencies often operate with significant state backing and operational security.