Yandex denies it was hacked, says rogue employee to blame for breach

Russian internet giant Yandex has denied it suffered a cyberattack after some of its internal source code was posted online.

The leaker posted 44.7GB worth of files, which they say are “Yandex git sources”, as Torrent on a well-known hacker forum, with much of the company’s source code believed to be included.

The files are thought to date back to February 2022, and although the leak does contain some API keys, these are only thought to have been used for testing deployment.

Fake help desk emails

BleepingComputer reports that an initial analysis of the files by software engineer Arseniy Shestakov noted that technical data and code for many of Yandex’s top products appeared to be included. 

Mail, Disk and Yandex Pay – the company’s email, cloud storage and payment processing services respectively – were among the platforms affected. Oddly enough, though, its anti-spam rules were not.

Yandex denied that its systems had been hacked, instead blaming a former employee for leaking the source code repository.

“Yandex was not hacked. Our security service found code fragments from an internal repository in the public domain, but the content differs from the current version of the repository used in Yandex services,” the company told BleepingComputer in a statement.

“We are conducting an internal investigation into the reasons for the release of source code fragments to the public, but we do not see any threat to user data or platform performance.”

The news comes shortly after the UK’s National Cyber Security Centre (NCSC) issued a warning over the continual cyberattacks perpetrated by Russian and Iranian hacker groups

Although the two groups do not appear in be in collusion, they are separately attacking the same types of organizations, which last year included government bodies, NGOs, and those in the defense and education sectors, as well as individuals such politicians, journalists and activists. 

Via: BleepingComputer

Go to Source