YANDEX, THE RUSSIAN GOOGLE, was targeted by Western intelligence agencies last year, according to a report from Reuters.
Between October and November of 2018, hackers planted a strain of malware called Regin, which is said to be popular with Five Eyes. That's the intelligence-sharing alliance between America, Britain, Australia, Canada and New Zealand, rather than the burger chain. You're thinking of Five Guys.
Anyway, Reuters reckons that hackers could access Yandex's research and development unit for a number of weeks. Sources told the site that the aim was cyberespionage, not IP theft or physical destruction. Regin itself allows for a whole host of remote access Trojan function, like password theft, mouse hijacking and screenshot capture.
How effective was it? Not very if you trust Yandex itself, which denied there was much of a problem in a statement. "This particular attack was detected at a very early stage by the Yandex security team," said Yandex's Ilya Grabovsky. "It was fully neutralised before any damage was done."
The company added that no user data was lifted during the course of the attack. So you can rest easy if, for some reason, you were looking up some embarrassing stuff on a Russian search engine last November.
As for who was responsible, that's difficult to say. Although it's been used by Five Eyes before, attributing it to any given member state is nigh on impossible. One thing that can probably be ruled out, however, is this not being the work of a nation state. Sources told Reuters that some of the code found on Yandex systems hadn't been used in previous Regin attacks, meaning it's unlikely to be someone just pretending to be government backed.
Given the amount of coverage Russian hacking attempts get in the media, it's quite refreshing to hear of underhand tactics from Western governments. Although, of course, by definition, the best cyberattacks are the ones you never read about. µ
Not all it's Mac'd up to be
X marks the smart home
The lens said the better