InfoSecBulletin Cybersecurity for mankind
The Rewards for Justice program, run by the U.S. State Department, has recently offered a bounty of up to $10 million for any information linking the Clop ransomware attacks to a foreign government. The program aims to gather intelligence on various threat actors and cyber attacks that pose a national security risk to the United States.
Originally focused on gathering information about terrorists targeting U.S. interests, Rewards for Justice has expanded its scope to include cyber criminals like the Conti ransomware operation, Russian Sandworm hackers, REvil ransomware, and the Evil Corp hacking group.
ALSO READ:
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
Microsoft says disruptions to Outlook, cloud platform, were cyberattacks
The decision to offer this new bounty comes in response to the Clop ransomware attacks, which involved the theft of data from numerous companies worldwide using a zero-day vulnerability in the MOVEit Transfer security file transfer platform. These attacks began on May 27th, coinciding with the U.S. Memorial Day holiday. The Clop ransomware gang claimed responsibility for the data theft and subsequently attempted to extort the affected companies by threatening to leak their data if a ransom was not paid.
During these attacks, several U.S. federal agencies, including the Department of Energy, were breached, raising concerns about the potential theft of sensitive data. While the Clop threat actors have stated that they delete any stolen government data and are solely driven by financial motives rather than political interests, the veracity of their claims cannot be confirmed. As a result, federal agencies must operate under the assumption that the stolen data could be misused or acquired by foreign governments.
In an effort to prevent future attacks and gather information about the Clop operation, the Rewards for Justice program is offering a substantial reward to anyone, including other threat actors, who can provide tips. To facilitate the submission of information, the State Department has established a dedicated Tor SecureDrop server where individuals can anonymously share information regarding Clop and other threat actors.
