A former employee allegedly caused the Yandex source code leak

Rogue Employee Retaliation Yandex Source Code Data Leak Search Engine Russia

The Yandex source code repository leak was not the result of a cybersecurity attack after the Russian technology company claimed that the data exposure was caused by one of its former employees.

Earlier this week, an unidentified user posted a magnet link, seemingly a Yandex Git source containing over 40GB of stolen files from the company last July. The code repositories allegedly include all company source codes aside from the anti-spam rules.

A researcher said that some of the data included in the leaked source code are essential tools such as the Yandex search engine and indexing bot. In addition, Yandex Maps, Yandex search engine and indexing bot, Alice (AI assistant), Yandex Taxi, Yandex Direct (ads service), and more are displayed on the leak.

The researcher also shared a directory listing of the exposed archives on GitHub so the other users could confirm the leak’s legitimacy.

However, Yandex claimed their systems did not have any unauthorised intrusion; instead, a former employee leaked their source code repository.

The Yandex source code leak is a byproduct of an employee’s grudge against the company.

According to a former senior systems admin in the affected company, the Yandex source code leak could have started on a political motive or grudge. These speculations could be factual, as the rogue Yandex employee responsible for the leak did not try to offer the codes to hackers or competitors.

Furthermore, the lead does not include samples of customer data; hence, it does not fall under the risk to the privacy of Yandex users and does not directly threaten to leak the company’s technology.

Unfortunately, the leaked source code could create an opening for malicious actors to find security gaps in the company to exploit.

Yandex responded to the leak by claiming that the leaked source code is not identical to the current code they use in their working services. However, some experts believe that the exposed source code could still be close to the ones the company uses today.

Threat actors who will put effort into analysing the leaked source code could still execute an attack against the Russian company.

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

Protecting the world’s leading Enterprise and Government organisations

iZOOlogic enables the business to pro-actively detect and respond to external threat

A former employee allegedly caused the Yandex source code leak

The Yandex source code leak is a byproduct of an employee’s grudge against the company.

iZOOlogic

Leave a Reply Cancel Reply

Categories

Contact Us

Contact Us

Solutions

Company

Resources