InfoSecBulletin Cybersecurity for mankind
The Rewards for Justice program, run by the U.S. State Department, has recently offered a bounty of up to $10 million for any information linking the Clop ransomware attacks to a foreign government. The program aims to gather intelligence on various threat actors and cyber attacks that pose a national security risk to the United States.
Originally focused on gathering information about terrorists targeting U.S. interests, Rewards for Justice has expanded its scope to include cyber criminals like the Conti ransomware operation, Russian Sandworm hackers, REvil ransomware, and the Evil Corp hacking group.
ALSO READ:
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild
Bengaluru firm got ransomware attack, Hacker demanded $70,000
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today
PwC exits more than a dozen countries in push to avoid scandals: FT reports
Microsoft says disruptions to Outlook, cloud platform, were cyberattacks
The decision to offer this new bounty comes in response to the Clop ransomware attacks, which involved the theft of data from numerous companies worldwide using a zero-day vulnerability in the MOVEit Transfer security file transfer platform. These attacks began on May 27th, coinciding with the U.S. Memorial Day holiday. The Clop ransomware gang claimed responsibility for the data theft and subsequently attempted to extort the affected companies by threatening to leak their data if a ransom was not paid.
During these attacks, several U.S. federal agencies, including the Department of Energy, were breached, raising concerns about the potential theft of sensitive data. While the Clop threat actors have stated that they delete any stolen government data and are solely driven by financial motives rather than political interests, the veracity of their claims cannot be confirmed. As a result, federal agencies must operate under the assumption that the stolen data could be misused or acquired by foreign governments.
In an effort to prevent future attacks and gather information about the Clop operation, the Rewards for Justice program is offering a substantial reward to anyone, including other threat actors, who can provide tips. To facilitate the submission of information, the State Department has established a dedicated Tor SecureDrop server where individuals can anonymously share information regarding Clop and other threat actors.
