U.S. Targets Russian Cyber Spies With $10M Bounty Over Messaging App Attacks

Security Affairs, 29/06/2026, 21:49

Summary

AI-Generated

Key Points:

  • Russian-linked hacking groups UNC5792 and UNC4221 are targeting U.S. officials and journalists through phishing attacks on Signal and WhatsApp, seeking to obtain Signal Backup Recovery Keys.
  • The impact includes compromised messaging accounts of thousands of individuals, allowing attackers to access sensitive conversations and launch further phishing attacks.
  • Recommended actions include enhancing user awareness regarding social engineering tactics, implementing multi-factor authentication, and monitoring for suspicious activity related to messaging apps.

Technical Details: The attackers exploit legitimate device-linking features in secure messaging apps to trick victims into connecting their accounts to attacker-controlled devices. This method allows them to bypass encryption without directly breaking it.

MITRE ATT&CK Techniques:

  • T1566 - Phishing (Initial Access)
  • T1203 - User Execution (Execution)
  • T1071.001 - Application Layer Protocol: Web Protocols (Command and Control)

IOCs Mentioned: None mentioned
