My accountGet Surfshark
Research
Published:Sep 30, 2025

Cybersecurity|Cyberthreats

FBI offers millions in rewards for most wanted cybercriminals

Imagine losing your life savings in an instant or having your identity stolen and used to commit crimes. These are the harsh realities faced by victims of cybercrime. These digital offenses aren't victimless — they inflict genuine damage. To combat these threats, the FBI offers multi-million dollar rewards for information leading to the arrest of their most wanted cybercriminals. We looked closer at these cases and investigated specific crimes.

Key insights

  • To encourage public assistance, the FBI offers rewards for 42 out of the 133 individuals on its most wanted list. In total, the FBI is prepared to pay up to $274 million for information leading to arrests. Rewards for specific individuals can be as high as $10 million, with 19 people eligible for this maximum amount, while others range from $20,000 to $5 million.
  • Financial losses caused by these cybercriminals are difficult to pinpoint, as many cases involve attacks on hundreds of companies or numerous individual targets around the world. However, based on reported cases, combined financial losses amount to at least $3.4 billion. Remarkably, a single criminal from Vietnam is responsible for nearly $3 billion of that sum. Most of these funds are directly linked to global victimization through ransomware attacks, cryptocurrency heists, and other cybercrimes.
  • According to the FBI’s most wanted cybercriminal list, the most prevalent crime type is fraud, with 47 individuals sought for this offense. Cyberattacks targeting the government follow closely, with 35 individuals. Data theft is linked to 14 of the most wanted cybercriminals, while both cyberattacks on infrastructure and intelligence gathering account for 12 individuals each. Notably, ransomware attacks involve seven individuals, and spear phishing is associated with five most wanted suspects.
  • Fraud is the largest category among the most wanted cybercriminals, involving crimes such as selling bogus software, deploying malware via phishing emails to steal banking credentials, impersonating trusted persons to trick employees into making fraudulent wire transfers, selling fake identity documents to bypass online security, and operating botnets to steal personal information from infected computers within the botnet. The FBI offers rewards for 23 out of 43 cybercriminals in the fraud category, totaling $110 million.
  • The cyberattacks on the government category include interfering with US elections, defacing public websites with political messages, stealing the identities of politicians, unauthorized access to government computer systems, and stealing proprietary data from those systems. Although there are 35 people on this list, the FBI offers rewards of $10 million each for only three individuals. In contrast, the cyberattacks on infrastructure category — where cybercriminals target and compromise critical infrastructure in dozens of countries — includes 12 people on the list, with six rewards of $10 million each and one reward of $100K.
  • The next three categories include: data theft, where cybercriminals compromise computer networks worldwide, install malware for persistent access, and sell stolen sensitive information to various buyers; spear phishing campaigns, which target researchers, engineers, companies, and individuals to gain unauthorized account access; and intelligence gathering operations that steal critical information from industries such as aviation, space and satellite technology, manufacturing, oil and gas, and communications. In total, there are 32 people among these three categories. Two criminals wanted for data theft have rewards of $2 million each, and two wanted for spear phishing have rewards of $10 million each.
  • The last category is ransomware-related crimes, where cybercriminals encrypt victims’ files and demand ransom payments to unlock them. This type of crime affects numerous companies and individuals. The FBI offers $10 million rewards for five of the ten criminals on its most wanted list for ransomware-related cybercrimes. In fact, the most recent post by the FBI, made in September 2025, concerns a criminal wanted for a ransomware attack that compromised the computer networks of hundreds of companies worldwide, including more than 250 in the United States.

Methodology and sources

Data for this study was collected in September 2025 from the official FBI Most Wanted cybercriminals online database. We selected all individuals with dedicated wanted posters, ensuring access to detailed, person-specific information. For each individual, we recorded the type of alleged cybercrimes and details regarding bounties offered for arrest or disruption of activities. Individuals without personal profiles, or those included only as part of broader group listings, were excluded to maintain analytic consistency.

For the complete research material behind this study, visit here.

Data was collected from:

FBI. Most Wanted: Cybercrimes.
The team behind this research:About us

Related articles:

Windows users, beware: 7× more malware than macOS
Cyberthreats | Sep 2, 2025

Windows users, beware: 7× more malware than macOS

In 2025, Surfshark’s antivirus recorded 479K malware cases. Of these, 87% (419K) were on Windows and the remaining 13% (60K) on macOS.
Traveling soon? Protect your data from cybersecurity threats
Cyberthreats | Mar 25, 2025

Traveling soon? Protect your data from cybersecurity threats

What cybersecurity threats might you face when traveling? Cybersecurity expert Miguel Fornés reviewed the travel and tourism sector and discussed cybersecurity threats that may occur during your holidays.
Alaska leads US states in the rate of cybercrime complaints
Cyberthreats | Oct 29, 2024

Alaska leads US states in the rate of cybercrime complaints

Alaska tops the US in cybercrime complaints per 100,000 internet users, with 500+ complaints — over twice the national average