Headquarters of Yandex company. Photo: ALEXANDER NEMENOV / Contributor/Getty Images
Last year, a "Five Eyes" nation — either the United States or one of its 4 closest intelligence partners — may have hacked Yandex, the Russian equivalent to Google, Reuters reports.
Why it matters: The goal appears to have been to find technical details on how Yandex users are authenticated, which could prove useful for breaking into accounts to read or modify messages, observe contacts or carry out other such activities.
The backdrop: The Five Eyes nations — the U.S., Canada, U.K., Australia and New Zealand — share intelligence and intelligence gathering capabilities.
- Regin, the malware that was used in the Yandex operation, is used by Five Eyes nations. It is sophisticated malware with swappable components that have been used in the field since at least 2008.
Details: Reuters cites 4 people with knowledge of the matter.
- A Yandex spokesperson told Reuters: “This particular attack was detected at a very early stage by the Yandex security team. It was fully neutralized before any damage was done.”
- Reuters provided one detail attributing the attack to Five Eyes: The attack uses new code inside of Regin, so it seems less likely to be another hacker co-opting the malware for its own purposes.
- It is unclear which nation would have been responsible for the hacking.