Russian search platform, Yandex, also a competitor of Google was hacked by Western intelligence, according to a report on Reuters. The alleged hack occurred to search for information on how Yandex authenticates user accounts.
As per the reports, the hack occurred between October and November in 2018. The report also quoted four people under anonymity who had knowledge of the hack. A malware dubbed as Regin was used to penetrate into the systems. Apparently, Regin is a tool that is used by the “Five Eyes,” an intelligence nexus which comprises of United States, Britain, Australia, New Zealand, and Canada.
Ilya Grabovsky, a spokesperson from Yandex acknowledged the hack but did not provide any other details. “the attack was detected early on by Yandex’s security team, which stopped it before any damage was done. No user data was compromised by the attack.” According to reports, when Yandex suspected a malware outbreak, they immediately notified a team of security specialists from Kaspersky who identified the type of malware and indicated that programmers inside Yandex were targeted in the attack.
Further analysis by Kaspersky revealed that the attackers originated from Western intelligence with the sole intention of cyber espionage, “rather than to disrupt or steal intellectual property,” the researchers said. According to several security experts, the tools used in the Yandex hack was never seen or used in any other cyber attack and was one of a kind.
Several key bodies were reached out by Reuters for comment but almost all the western agencies declined. Dmitry Peskov, a spokesman from Kremlin told Reuters that the Government of Russia was not aware of the attack. “Yandex and other Russian companies are attacked every day. Many attacks come from Western countries,” he added.
Meanwhile, cybersecurity firm Symantec stated that even they recently discovered a new version of Regin. “Regin is the crown jewel of attack frameworks used for espionage. Its architecture, complexity and capability sits in a ballpark of its own,” Vikram Thakur, technical director at Symantec Security Response, told Reuters. “We have seen different components of Regin in the past few months. Based on the victimology coupled with the investment required to create, maintain, and operate Regin, we believe there are at best a handful of countries that could be behind its existence. Regin came back on the radar in 2019.”