According to a Reuters report, hackers working for Western intelligence agencies reportedly broke into Yandex, the company often referred to as “Russia’s Google.”
The hackers were allegedly looking for technical information that would indicate how Yandex authenticates user accounts. That information could help a spy agency impersonate Yandex users and obtain access to their private messages.
In the fall of 2018, the hackers deployed a type of malware called Reign, which is linked to “Five Eyes,” an intelligence-sharing alliance comprised of the US, Britain, Australia, New Zealand and Canada. It’s unclear which of those countries might be behind the breach, though. A Yandex spokesperson told Reuters that the hack was detected early and that no user data was compromised, but Reuters‘ sources claim the hackers had access to Yandex’s research and development unit for at least several weeks.
As Reuters‘ notes, Western cyberattacks against Russia are rarely acknowledged, but earlier this month we learned that the US planted malware in Russia’s power grid. Last spring, a few months before the alleged Yandex hack, the US elevated its cyber warfare division and vowed to take a more aggressive approach to online threats. Even the private company Jigsaw, an Alphabet subsidiary, experimented with hiring a Russian troll just to see if it could. In those cases, some feared the US might provoke more digital aggression from Russia. This Yandex breach could add to those fears.