In the fall of 2018, the hackers deployed a type of malware called Reign, which is linked to "Five Eyes," an intelligence-sharing alliance comprised of the US, Britain, Australia, New Zealand and Canada. It's unclear which of those countries might be behind the breach, though. A Yandex spokesperson told Reuters that the hack was detected early and that no user data was compromised, but Reuters' sources claim the hackers had access to Yandex's research and development unit for at least several weeks.
As Reuters' notes, Western cyberattacks against Russia are rarely acknowledged, but earlier this month we learned that the US planted malware in Russia's power grid. Last spring, a few months before the alleged Yandex hack, the US elevated its cyber warfare division and vowed to take a more aggressive approach to online threats. Even the private company Jigsaw, an Alphabet subsidiary, experimented with hiring a Russian troll just to see if it could. In those cases, some feared the US might provoke more digital aggression from Russia. This Yandex breach could add to those fears.