Russian Internet giant Yandex reported that hackers working for Western intelligence had access to the company's systems for several weeks. Yandex stated that the hacking attempt was neutralized immediately.
Yandex claims that hackers did not get access to user data. Moreover, the attack did not cause any damage. Sana Paritova, the Head of corporate communications of Yandex, stated, "We can assure you that the attackers are unable to access data of users of Yandex services.”
Yandex specialists “promptly identified and neutralized at the beginning” the hacking attempt.
The company stated, “Yandex, as well as all the major Internet companies, are regularly confronted with various types of cyber threats. Our corporate policy does not imply the dissemination of detailed information about such cases.”
Recall that the Agency Reuters reported that in October or November 2018, hackers working for Western intelligence services hacked the company in order to spy on user accounts. According to the Agency, employees of Western intelligence agencies have installed a malicious program Regin used by the Five Eyes Alliance. This program allows them to impersonate users and access their messages.
The malicious software involved in the hacking is used by the United States, the United Kingdom, Australia, New Zealand and Canada. It was not possible to determine which country was behind the attack.
The article states that hackers were interested in technical information that allows them to understand how Yandex identifies user accounts. Possessing it, foreign intelligence could impersonate the user and gain access to their messages. The ultimate goal of the hacking was espionage, it was not an attempt to steal intellectual property.
Sources also said that hackers had access to Yandex systems for at least a couple of weeks.
The company turned to Kaspersky Lab, which found that the target of the attack was a group of Yandex developers.
It’s interesting to note that Yandex is working in the field of information technology. It owns the eponymous search engine on the Internet, an Internet portal, a number of different information services.
Recall that earlier EhackingNews was reported that cyber attacks with the use of the Troldesh encryption virus, also known as Shade, XTBL, Trojan.Encoder.858, Da Vinci and No_more_ransome, have again increased in Russia.