Russian internet giant Yandex has denied having suffered a cyberattack after part of its internal source code was published online.
The leaker posted 44.7GB worth of files, which they say are “Yandex git sources”, as a torrent on a well-known hacker forum, and much of the company’s source code is believed to be included.
The files are believed to be from February 2022, and although the leak contains some API keys, they are believed to have been used only for deployment testing.
Fake help desk emails
Bleeping Computer reported that initial analysis of the files by software engineer Arseniy Shestakov indicated that technical data and code for several major Yandex products were included.
Mail, Disk and Yandex Pay — the company’s email, cloud storage and payment processing services respectively — were among the affected platforms. Oddly enough, anti-spam rules were not.
> Scammers circumvent the official UK Government Energy Subsidy Scheme websites
> It appears that Chinese government hackers have stolen millions of Covid benefits
> Here is a list of the best identity theft protection tools out there right now
Yandex denied that its systems were hacked, instead blaming a former employee for his leaking of source code stock.
“Yandex was not hacked. Our security service found pieces of code from an internal repository in the public domain, but the content differs from the current version of the repository used in Yandex services,” the company told BleepingComputer in a statement.
“We are conducting an internal investigation into the reasons for releasing parts of the source code to the public, but we do not see any threat to user data or platform performance.”
The news comes shortly after the UK’s National Cyber Security Center (NCSC) issued a warning about ongoing cyberattacks perpetrated by Russian and Iranian hacker groups.
Although the two groups do not appear to be complicit, they are separately attacking the same types of organisations, which last year included government agencies, NGOs and those in the defense and education sectors, as well as individuals such as politicians, journalists and activists. .
- Here is our list of the best firewalls today
Via: BleepingComputer