---
title: "US Offers $10 Million for Russian Hackers Targeting Signal and WhatsApp"
description: "The US State Department is offering up to $10 million for information on hacking groups it links to Russian intelligence that have been compromising Signal and WhatsApp accounts. The twist: they aren't breaking the apps' encryption — they're tricking users into handing over the keys."
category: "Tech"
category_url: https://boursel.com/category/tech
author: "Rafael Ortiz"
published: 2026-06-29T23:44:20.000Z
updated: 2026-06-29T23:44:20.000Z
canonical: https://boursel.com/article/us-offers-10-million-dollars-for-russian-hackers-targeting-signal-and-whatsapp
tags: ["cybersecurity", "russia", "signal", "whatsapp", "tech"]
---
# US Offers $10 Million for Russian Hackers Targeting Signal and WhatsApp

The US State Department is offering up to $10 million for information on hacking groups it links to Russian intelligence that have been compromising Signal and WhatsApp accounts. The twist: they aren't breaking the apps' encryption — they're tricking users into handing over the keys.

Washington is putting a price on the heads of hackers who've been spying on encrypted chats. The **US State Department** is offering **up to $10 million**, through its **Rewards for Justice** program, for information on hacking groups behind a campaign that has compromised **Signal and WhatsApp** accounts, [The Record reported](https://therecord.media/10million-reward-us-russian-hackers-unc4221-unc5792). US officials **attribute** the activity to groups **linked to Russian intelligence** — tracked as **UNC5792 and UNC4221** — and say the reward covers details on the groups' members, infrastructure, funding and crypto wallets.

## They didn't break the encryption

The most important point for anyone who uses these apps: **the encryption wasn't cracked.** Signal and WhatsApp use **end-to-end encryption**, meaning messages are scrambled so only the sender and recipient can read them. Rather than defeat that, the attackers used **social engineering** — deception — to get users to **hand over access**, [as BleepingComputer detailed](https://www.bleepingcomputer.com/news/security/us-offers-10-million-for-hackers-targeting-whatsapp-signal-users/).

The tactics, per the reporting:

- **Fake "verification" prompts** — phishing messages posing as the app's support team, telling targets to enter their account **PIN** or **backup recovery key** (a credential that can restore an account — and hand an attacker the message history).
- **Malicious QR codes** — tricking a user into scanning a code that **links the attacker's device** to the victim's account, quietly mirroring their messages.
- Harvesting **two-factor authentication codes**.

Once in, the attackers can read private and group chats and contacts — not by beating the math of encryption, but by **walking through the front door** the user unwittingly opened.

## Who's being targeted

According to the US, the campaign has hit **thousands of accounts**, with targets including **government officials, diplomats, defense and intelligence personnel, NGOs working on Ukraine, and journalists** covering Russia and the war. In other words, this is **espionage** aimed at high-value individuals, not mass financial fraud.

## Why it matters beyond Washington

For Boursel's readers, the lesson is a business-security one. **Executives, dealmakers and firms** increasingly rely on Signal and WhatsApp for sensitive conversations precisely because they're encrypted. This campaign is a reminder that **encryption protects the message, not the user**: if someone is tricked into surrendering a recovery key or linking a rogue device, the strongest encryption in the world won't help. It fits the broader pattern Boursel has covered — **state-backed and increasingly sophisticated cyberattacks**, where the weak link is human, not mathematical.

The use of a **multimillion-dollar bounty** is itself notable. Rewards for Justice, historically aimed at terrorists, has been repurposed to chase **state-sponsored hackers** — a sign of how seriously governments now treat cyber-espionage, and a bet that **money** might pry loose intelligence that technical defenses can't.

## The takeaway

The practical defense is unglamorous but effective: treat **recovery keys, PINs and "verify your account" messages** with the same suspicion as a password request from a stranger, and never **link a device** or scan a login QR code you didn't initiate. Boursel won't speculate beyond what the US has alleged about who's responsible. But the structure of the attack is the story: in 2026, the easiest way into a "secure" conversation is often to **fool the person having it** — which is exactly why the threat is so hard to engineer away.

## Sources

- [US posts $10 million reward over Russian cyber campaign targeting Signal, WhatsApp](https://therecord.media/10million-reward-us-russian-hackers-unc4221-unc5792)
- [US offers $10 million for hackers targeting WhatsApp, Signal users](https://www.bleepingcomputer.com/news/security/us-offers-10-million-for-hackers-targeting-whatsapp-signal-users/)