Nearly 45GB of source code files, allegedly stolen by a former employee, have revealed the underpinnings of Russian tech giant Yandex’s many apps and services. It also revealed key ranking factors for Yandex’s search engine, the kind almost never revealed in public.
The “Yandex git sources” were posted as a torrent file on January 25 and show files seemingly taken in July 2022 and dating back to February 2022. Software engineer Arseniy Shestakov claims that he verified with current and former Yandex employees that some archives “for sure contain modern source code for company services.” Yandex told security blog BleepingComputer that “Yandex was not hacked” and that the leak came from a former employee. Yandex stated that it did not “see any threat to user data or platform performance.”
The files notably date to February 2022, when Russia began a full-scale invasion of Ukraine. A former executive at Yandex told BleepingComputer that the leak was “political” and noted that the former employee had not tried to sell the code to Yandex competitors. Anti-spam code was also not leaked.