Reuters reports that hackers working for Western intelligence agencies hacked the Russian search engine Yandex in late 2018 and introduced a rare type of malware to spy on user accounts.
The report says that the attack was carried out using the Regin malware used by the Five Eyes Alliance, which, in addition to the US and the UK, includes Australia, New Zealand and Canada. Representatives of the special services of these countries have not yet commented on this message.
It is worth noting that cyberattacks by Western countries against Russia are rarely recognized and it is not customary to talk about them publicly. The source of the publication said that it is quite difficult to determine which country is behind the attack on Yandex. According to him, the introduction of the malicious code was carried out between October and November 2018.
Representatives of "Yandex" admitted that during the specified period, the search engine was indeed attacked. However, it was noted that the Yandex security service was able to detect suspicious activity at an early stage, which made it possible to completely neutralize the threat before hackers could do any harm. It was noted that no user data was compromised as a result of the attack.
According to a Reuters source who reported the hack, the attackers were trying to obtain technical information that would allow them to understand how Yandex authenticates users. With such data available, intelligence agencies could impersonate Yandex users, gaining access to their emails.
Recall that the Regin malware was identified as a tool of the Five Eyes alliance in 2014, when Edward Snowden, a former National Security Agency (NSA) employee, spoke publicly about it for the first time.
Source: 3dnews.ru