UPDATE: US posts $10M bounty on the Russia-nexus Signal/WhatsApp crews and adds Signal Backup-Recovery-Key theft to the advisory

UPDATE (originally covered 2026-06-27): The US Department of State's Rewards for Justice program posted a $10 million reward on 2026-06-29 for information on members of UNC5792 (assessed associated with Russia's FSB) and UNC4221 (assessed associated with the GRU), and the FBI/CISA advisory was updated with a newly observed tactic — theft of Signal Backup Recovery Keys (Rewards for Justice, 2026-06-29 · BleepingComputer, 2026-06-29).

The recovery-key tactic is the operationally material change: a stolen backup recovery key is persistent — even after the victim rotates their phone number or reinstalls, the attacker can restore the full message backup, including prior history and group content, so access survives the initial social-engineering window (SecurityWeek, 2026-06-29). Targets are current/former government and military officials, political figures, journalists, and Ukraine-based officials across Europe and the US. Swiss federal and cantonal officials using Signal should treat backup-recovery-key protection (and re-checking the NCSC-CH Signal guidance covered 2026-06-25) as an action item, not a watch item.