The FBI and CISA are issuing this update to the , Public Service Announcement I-032026-PSA to provide additional information to the public and encourage device owners to take actions to protect themselves.
The FBI has identified multiple clusters of Russian Intelligence Services (RIS) cyber threat actors responsible for an ongoing commercial messaging application (CMA) phishing campaign against individuals of high intelligence value. Russian Federal Security Service (FSB) officers embedded with the FSB Border Guards and others working on behalf of the Russian military services continue to target current and former U.S. and international government officials, military personnel, political figures, journalists, and key officials located in Ukraine. RIS cyber threat actors have compromised individual CMA accounts, but not the CMA's encryption or the application itself. To date, this activity has been publicly tracked as UNC5792 and UNC4221.
More Info