Yandex denies it was hacked, says rogue employee to blame for breach

Source code allegedly from Yandex leaked onto hacking forum

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Russian internet giant Yandex has denied it suffered a cyberattack after some of its internal source code was posted online.

The leaker posted 44.7GB worth of files, which they say are “Yandex git sources”, as Torrent on a well-known hacker forum, with much of the company’s source code believed to be included.

The files are thought to date back to February 2022, and although the leak does contain some API keys, these are only thought to have been used for testing deployment.

TechRadar Pro needs you!We want to build a better website for our readers, and we need your help! You can do your bit by filling outour surveyand telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Fake help desk emails

BleepingComputer reports that aninitial analysis of the filesby software engineer Arseniy Shestakov noted that technical data and code for many of Yandex’s top products appeared to be included.

Mail, Disk and Yandex Pay - the company’s email,cloud storageand payment processing services respectively - were among the platforms affected. Oddly enough, though, its anti-spam rules were not.

Scammers are spoofing official UK Government Energy Support Scheme websites>Chinese government hackers apparently stole millions in Covid benefits>Here’s our list of the best ID theft protection tools right now

Yandex denied that its systems had been hacked, instead blaming a former employee for leaking the source code repository.

“Yandex was not hacked. Our security service found code fragments from an internal repository in the public domain, but the content differs from the current version of the repository used in Yandex services,” the company told BleepingComputer in a statement.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“We are conducting an internal investigation into the reasons for the release of source code fragments to the public, but we do not see any threat to user data or platform performance.”

The news comes shortly after the UK’s National Cyber Security Centre (NCSC) issued a warning over the continual cyberattacks perpetrated byRussian and Iranian hacker groups.

Although the two groups do not appear in be in collusion, they are separately attacking the same types of organizations, which last year included government bodies, NGOs, and those in the defense and education sectors, as well as individuals such politicians, journalists and activists.

Via:BleepingComputer

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics