A former employee of Russian technology company Yandex recently released a source code repository with a total capacity of 44.7GB in the form of a torrent magnet link on a popular hacker forum .
The leaker claims these are 'Yandex git sources', stolen from the company in July 2022, and contain all source code except anti-spam rules.
After analyzing the leaked Yandex Git repository, software engineer Arseniy Shestakov found that it contained technical data and code for the following products:
- Yandex search engine and indexing bot
- Yandex map
- Alice (artificial intelligence assistant)
- Yandex Taxi
- Yandex Direct (advertising service)
- Yandex mail
- Yandex Disk (cloud storage service)
- Yandex Market
- Yandex Travel (travel booking platform)
- Yandex360 (Workspace service)
- Yandex Cloud
- Yandex Pay (payment processing service)
- Yandex Metrika (Internet analytics)
Directory of leaked files: http://gist.github.com/ArseniyShestakov/53a80e3214601aa20d1075872a1ea989
Yandex said in a statement in response to the media that their systems were not hacked and that a former employee leaked the source code repository. No threats to user data or platform performance have been identified so far.
But security researchers said it was only a matter of time before Yandex's leaked code made it possible for hackers to identify security flaws and create targeted exploits.