Five Eyes group hacks Yandex, the Russian search engine

IT system audit specialists report that intelligence agencies in Five Eyes alliance member countries (US, UK, Australia, New Zealand and Canada) have been accused of hacking the systems of Yandex, the search engine most commonly known as the “Russian Google”.

The Reuters news agency released a report in
which four anonymous sources claim that Western spies operated a malware
infection campaign against Yandex developers over several weeks in 2018.

The Windows malware used by the alleged
hackers, known as Regin, was jointly developed by the UK’s GCHQ and the US’s
NSA for espionage purposes, according to WikiLeaks information. “This is a
modular malware designed for extensively intrusive surveillance operations”,
mentioned IT system audit specialists.

The hackers allegedly used the malware
against Yandex to track a specific group of programmers within the company’s
research and development area, possibly for the purpose of extracting private
conversations and other confidential information. “Cyberattacks have
become very common. Our teams were able to detect this intrusion at an early
stage”, a company spokesman said.

Yandex security teams isolated the malware from
their networks and completely neutralized it before hackers managed to
compromise the company’s information; further details of the incident are still
unknown. “Our users’ information security is a fundamental issue for us.
After detecting this attack attempt, we implemented the relevant measures to
prevent this from happening again,” the company said. 

Yandex is collaborating with Russian
information security firm Kaspersky, which conducted extensive research on
Regin malware a few years ago. Experts in IT system audit claim that it is the
security firm’s investigators who have pointed to the Five Eyes group as
guilty of this hacking campaign.

Specialists from the International Institute of
Cyber Security (IICS) mention that this is not the first time the Kremlin and
the White House have accused each other of cyber intrusions, primarily for espionage
purposes.
