US offers ten million for hackers targeting WhatsApp and Signal

Published on 2026-07-01 | Translated from Spanish

The U.S. government has placed a bounty on two groups of cybercriminals posing as WhatsApp and Signal technical support. Their goal is to steal backup keys to access private conversations. The reward reaches $10 million for information leading to their capture. The warning for users is clear: be wary of any message requesting codes or links, even if they appear official.

Cybercriminals disguised as WhatsApp and Signal support agents stealing backup keys from a smartphone screen, digital padlock icons breaking apart while glowing red alert symbols appear, hacker silhouette reflected in phone display during phishing attack, technical illustration style, dark server room background with floating data streams, realistic phone UI showing fake login page, metallic briefcase with 10M dollar symbol glowing nearby, dramatic blue and red lighting, ultra-detailed keyboard and network cables, photorealistic forensic cybersecurity visualization

How fake technicians operate to steal backup keys 🕵️

Attackers contact victims via calls or messages impersonating the applications' support team. They claim an urgent security issue and request the verification code sent by SMS or the link to restore the account on another device. Once the key is obtained, they access encrypted chats and shared files. The vulnerability lies not in end-to-end encryption, but in the trust placed in a fraudulent message.

If you receive a support message, it's not your lucky day 😅

It's curious that, faced with the threat of losing secret conversations about weekend plans or cooking recipes, many users still share codes as if they were candy. Next time a friendly technician asks for your backup key to fix a problem, remember: the only real problem will be you sharing your data. At least, if you lose access, you'll have a perfect excuse not to reply to your boss.