US offers $10M reward for info on Russian cybercriminal groups | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


The U.S. Department of State’s Rewards for Justice program has issued an international alert offering a reward of up to 10 million dollars for anyone who provides crucial information about some well-known threat actors.

This multi-million dollar financial incentive seeks to obtain any data that allows the identification, location, or arrest of members of the cybercriminal group UNC5792, as well as members of the UNC4221 cell, for participating in illegal digital activities against U.S. critical infrastructure and for violating the Computer Fraud and Abuse Act.

Behind both groups is the Government of Russia. Specifically, investigations link UNC5792 to the Border Guard of the Federal Security Service, the well-known Russian FSB, while the UNC4221 group operates under the orders of Putin’s armed forces, mainly in the area of Europe and Eurasia.

So far, the first group has carried out large-scale phishing campaigns and social engineering tactics targeting Signal and WhatsApp accounts of U.S. government officials, senior military officers, NATO personnel, and journalists investigating Russia and Ukraine issues.

The attackers manage to bypass security by manipulating group invitation links to unauthorizedly link a device under their control, which has allowed them to compromise thousands of accounts, steal contact lists, and access confidential defense and national security communications.

“Through social engineering techniques, these cybercriminals exploit the legitimate device linking functions in these secure messaging applications to gain unauthorized access to confidential government communications, contact lists, and group conversations,” commented the Rewards for Justice program.

“After compromising an account, the cybercriminals were also able to send messages and carry out additional phishing attacks against other accounts using those same commercial messaging applications,” they added.

Despite not having exploited any security vulnerabilities in the platforms’ encryption protections, the cybercriminals did hack thousands of individual accounts of those popular chat tools.

Conditions to claim the reward

To claim the reward, the U.S. government requires very specific information about the ecosystem of these attackers.

The money will be awarded in exchange for names, locations, and biographical data of UNC5792 members and their contractors, details about their technical infrastructure such as servers and domains used, and financial records including sources of funding, bank accounts, or cryptocurrency wallets that reveal how these cyber espionage operations are paid.

The U.S. Department of State’s Rewards for Justice program has issued an international alert offering a reward of up to 10 million dollars for anyone who provides crucial information about some well-known threat actors.

This multi-million dollar financial incentive seeks to obtain any data that allows the identification, location, or arrest of members of the cybercriminal group UNC5792, as well as members of the UNC4221 cell, for participating in illegal digital activities against U.S. critical infrastructure and for violating the Computer Fraud and Abuse Act.

Behind both groups is the Government of Russia. Specifically, investigations link UNC5792 to the Border Guard of the Federal Security Service, the well-known Russian FSB, while the UNC4221 group operates under the orders of Putin’s armed forces, mainly in the area of Europe and Eurasia.

So far, the first group has carried out large-scale phishing campaigns and social engineering tactics targeting Signal and WhatsApp accounts of U.S. government officials, senior military officers, NATO personnel, and journalists investigating Russia and Ukraine issues.

The attackers manage to bypass security by manipulating group invitation links to unauthorizedly link a device under their control, which has allowed them to compromise thousands of accounts, steal contact lists, and access confidential defense and national security communications.

“Through social engineering techniques, these cybercriminals exploit the legitimate device linking functions in these secure messaging applications to gain unauthorized access to confidential government communications, contact lists, and group conversations,” commented the Rewards for Justice program.

“After compromising an account, the cybercriminals were also able to send messages and carry out additional phishing attacks against other accounts using those same commercial messaging applications,” they added.

Despite not having exploited any security vulnerabilities in the platforms’ encryption protections, the cybercriminals did hack thousands of individual accounts of those popular chat tools.

Conditions to claim the reward

To claim the reward, the U.S. government requires very specific information about the ecosystem of these attackers.

The money will be awarded in exchange for names, locations, and biographical data of UNC5792 members and their contractors, details about their technical infrastructure such as servers and domains used, and financial records including sources of funding, bank accounts, or cryptocurrency wallets that reveal how these cyber espionage operations are paid.


——————————————————-


Click Here For The Original Source.

National Cyber Security

FREE
VIEW