Federal authorities are now offering a reward of up to $10 million for information leading to the identification or location of a Russian state cyber group that has compromised thousands of Signal and WhatsApp accounts belonging to investigative reporters and US government employees. The operation, active since at least March, involves phishing campaigns with messages masquerading as automated support communications.

With the user's compliance, their account can be linked to an attacker’s device or completely taken over, rendering them unable to access it. This incident has affected thousands of accounts with high intelligence value, including current and former US government officials, military personnel, political figures, and journalists. The Federal Bureau of Investigation (FBI) published an update indicating that the campaign had evolved, now urging users to create a backup of their previous communications.

Further details reveal that two Russian government groups responsible for the attacks were tracked as UNC5792 and UNC4221. According to Signal's terms of service update, an investigation with US government and European partners revealed that the attacks on accounts were carried out by hackers from Iran and post-Soviet countries.

Signal now mandates two-factor verification for users and has introduced mandatory backup procedures to protect against such breaches. The urgency of this threat cannot be overstated in today’s digital age where personal and professional communication can be compromised with devastating consequences.