Clicky

Western governments issued a “Regin” malware attack on Russia’s Yandex service, Reuters reports

Spokesperson for Yandex, Ilya Grabovsky, confirmed the incident.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

Yandex, a Russian and regional internet powerhouse, was the target of a Western cyber attack last year, Reuters said it learned from sources.

The agency cites four people and says that a spokesperson for Yandex, Ilya Grabovsky, confirmed the incident.

Grabovsky also said that the event – that reportedly took place between October and November 2018, had been quickly discovered before malware did any damage – i.e., that user data was protected.

One of the sources cited by Reuters said the attack went on “at least several weeks” before being detected – and the hackers weren’t out to steal any intellectual property. Reportedly “merely” engaging in a spot of espionage.

The agency said the goal of these allegedly Western perpetrators was to spy on Yandex users by gaining access to their data on the platform.

The reason for pointing the finger at the West is the malware used in the attack: Regin, which is said to be “known to be used” by the US, UK, Australia, New Zealand, and Canada, as part of their “Five Eyes” intelligence alliance.

Reuters further cited its sources to report that the goal of the attackers was to pose as Yandex users and breach their private messages.

The attack seems to have been discovered as the hackers were attempting to learn, by infiltrating the company’s R&D segment, how Yandex authenticates accounts.

As ever, discovering who actually commits a cyber attack is virtually impossible, and the attribution often relies on little more than circumstantial evidence – such as the source of the original version of a piece of malware.

But Reuters said a source from the security firm Kaspersky, who handled the problem on behalf of Yandex, “privately assessed” that the attack “likely” came from the West.

Meantime in the Kremlin, spokesman Dmitry Peskov suggested that while the authorities didn’t know of this particular incident, if true, it would not be entirely newsworthy.

That’s because cyber attacks against Russian assets are an everyday occurrence – and many do come from the West, said Peskov.

Reuters also recalled that Yandex, that has 108 million users, is now more stringently regulated, as per Russia’s new internet legislation.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

Read more

Share