Yandex denies it was hacked, says rogue employee to blame for breach

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)

Russian internet giant Yandex has denied it suffered a cyberattack after some of its internal source code was posted online.

The leaker posted 44.7GB worth of files, which they say are "Yandex git sources", as Torrent on a well-known hacker forum, with much of the company's source code believed to be included.

The files are thought to date back to February 2022, and although the leak does contain some API keys, these are only thought to have been used for testing deployment.

TechRadar Pro needs you! We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Fake help desk emails

BleepingComputer reports that an initial analysis of the files by software engineer Arseniy Shestakov noted that technical data and code for many of Yandex's top products appeared to be included. 

Mail, Disk and Yandex Pay - the company's email, cloud storage and payment processing services respectively - were among the platforms affected. Oddly enough, though, its anti-spam rules were not.

Yandex denied that its systems had been hacked, instead blaming a former employee for leaking the source code repository.

"Yandex was not hacked. Our security service found code fragments from an internal repository in the public domain, but the content differs from the current version of the repository used in Yandex services," the company told BleepingComputer in a statement.

"We are conducting an internal investigation into the reasons for the release of source code fragments to the public, but we do not see any threat to user data or platform performance."

The news comes shortly after the UK's National Cyber Security Centre (NCSC) issued a warning over the continual cyberattacks perpetrated by Russian and Iranian hacker groups

Although the two groups do not appear in be in collusion, they are separately attacking the same types of organizations, which last year included government bodies, NGOs, and those in the defense and education sectors, as well as individuals such politicians, journalists and activists. 

Via: BleepingComputer

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.