An in-depth look at how the U.S. Rewards for Justice program offers multimillion-dollar bounties for tips on cybercriminals, ransomware gangs, and state-backed hackers.
Introduction: What Is Rewards for Justice?
In an era where criminal empires operate from behind encrypted channels, shell companies, and offshore jurisdictions, traditional policing is often insufficient. To bridge this gap, the United States Department of State operates one of the world’s most unconventional intelligence tools: the Rewards for Justice (RFJ) program.
Established in 1984, RFJ offers financial rewards sometimes exceeding $10 million for actionable information leading to the identification, location, arrest, or conviction of individuals involved in terrorism, transnational crime, cybercrime, and hostile state activity.
What began as a counterterrorism mechanism has evolved into a strategic instrument of modern cyberwarfare. Today, RFJ targets:
- Ransomware operators
- State-sponsored hackers
- Financial facilitators of sanctioned regimes
- Transnational criminal brokers
In effect, the U.S. government has placed a cybercrime bounty on digital predators who once believed themselves untouchable.
What Kind of Tips Qualify?
RFJ does not reward rumours or speculation. Qualifying tips must be specific, verifiable, and operationally valuable. In the cyber domain, this includes:
- Identification of ransomware operators
- Locations of command-and-control infrastructure
- Wallet addresses tied to sanctioned actors
- Internal communications or organisational hierarchies
- Financial conduits supporting hostile states
In recent years, RFJ has expanded its scope to explicitly include cyber threats linked to:
- North Korea (cryptocurrency theft and weapons funding)
- Russia (ransomware syndicates and state-aligned hackers)
- Iran (cyber espionage and infrastructure attacks)
- China (in certain strategic and sanctions-related contexts)
This marks a structural shift: cybercriminals are no longer treated merely as fraudsters—they are now framed as national security threats.
Real Examples of Reward Offers
The RFJ program publishes active bounties that function as both incentives and deterrents. Recent and ongoing offers include:
- Up to $10 million for information on ransomware reward U.S. groups such as Conti, LockBit, and REvil
- Millions in rewards for identifying North Korean crypto laundering networks
- Bounties on facilitators who move funds for sanctioned regimes
- Rewards for insiders within criminal syndicates
Active listings are publicly available at:
https://rewardsforjustice.net
These postings often name:
- Specific hacker aliases
- Known infrastructure
- Wallet clusters
- Operational patterns
For investigators and journalists, these pages provide an unusual fusion of intelligence briefing and public notice.
How You Can Submit a Tip Safely
RFJ is designed for informants operating in hostile or surveilled environments. Submissions can be made through:
- Secure Web Portal: https://rewardsforjustice.net
- TOR-based anonymous access (onion services listed on the RFJ site)
- Encrypted email via ProtonMail channels
- Signal and other secure messengers in select cases
Safety protocols for whistleblowers include:
- Never using personal devices or known networks
- Avoiding identifiable metadata in documents
- Using public or transient access points
- Segmenting operational and personal identities
RFJ explicitly permits report hackers anonymously submissions. Identity disclosure is optional and often discouraged in authoritarian environments.
How This Connects to Scam Compounds
Southeast Asian scam compounds, particularly in Cambodia, Myanmar, and Laos, operate as closed criminal ecosystems. Many workers inside these facilities are trafficked victims forced into fraud operations.
These individuals often possess:
- Internal scripts and playbooks
- Hierarchical charts
- Wallet addresses and laundering routes
- Physical locations of operators
- Names of handlers and overseers
RFJ offers a structural escape route: information becomes leverage. A coerced scammer with evidence is no longer expendable labor they become a strategic asset.
This dynamic introduces a form of whistleblower culture inside criminal enterprises, undermining operational cohesion and trust.
Your Role as a Citizen OSINT Investigator
The RFJ model does not replace journalism, it complements it.
Journalists, OSINT researchers, and cybercrime victims often uncover:
- Domain reuse across scam platforms
- Wallet clustering patterns
- Recruitment ads for scam labor
- Infrastructure overlap between fraud groups
While ethical reporting must never devolve into bounty hunting, there exists a legitimate convergence:
- Investigators publish patterns
- Victims report artifacts
- Governments operationalise intelligence
RFJ transforms passive observation into active disruption.
The ethical boundary is clear: truth-seeking remains the primary objective. Financial incentives are secondary outcomes, not motivations.
Final Thoughts: Rewards as Cyber Deterrence
Modern cybercrime thrives on two assumptions: anonymity and impunity. The Rewards for Justice program attacks both.
By placing explicit monetary value on betrayal of criminal networks, the U.S. government introduces systemic instability into otherwise insulated ecosystems. Every insider becomes a potential informant. Every syndicate must account for internal fracture.
In a world where code replaces borders and wallets replace vaults, enforcement must become asymmetrical. RFJ cyber tips represent that asymmetry.
It is not merely a reward program. It is a psychological weapon in the architecture of digital accountability.
Sources & Bibliography
- U.S. Department of State – Rewards for Justice Program
https://rewardsforjustice.net - U.S. Department of State – Cyber Rewards Program Overview
https://www.state.gov/rewards-for-justice-cyber/ - U.S. Department of Justice – Ransomware and Digital Extortion Guidance
https://www.justice.gov/opa/pr/justice-department-announces-new-cyber-rewards - Congressional Research Service – Rewards for Justice Program
https://crsreports.congress.gov/product/pdf/IF/IF12309 - Chainalysis – Crypto Crime and State-Sponsored Theft
https://www.chainalysis.com/blog/north-korea-crypto-hacks/ - United Nations Office on Drugs and Crime – Scam Centres and Trafficking in Southeast Asia
https://www.unodc.org/unodc/en/frontpage/2023/May/unodc-report-warns-of-scam-centres-and-transnational-organized-crime-in-southeast-asia.html
For deeper context on these power tactics, see our Intelligence Notes & Critical Reads.
