Yandex downplays leak as researchers find Putin-related queries the engine blocked
Yandex admitted the leaked source code was taken from the Russian tech giant as researchers identified Yandex’s search engine blocks results that might put Russian president Vladimir Putin in a negative light.
Russia’s largest IT firm Yandex admitted that a recently published archive with over 44GB of data comes from inside the company.
“The published snippets are indeed taken from our internal repository, a tool that the company’s developers use to work with the code,” Yandex said in a statement.
Last week someone uploaded an archive on a popular hacking forum. The leak included the source code of all major Yandex services, including its search engine, maps, taxi, email, food delivery, and others.
However, Yandex downplayed the breach’s impact, saying that the leaked archive contains outdated data that differs from what the company currently uses.
The company said the published fragments don’t pose any danger to Yandex’s users or the integrity of its services. At the same time, an investigation revealed violations of company policy, such as code containing driver’s license details of some of Yandex’s partners.
“Now we are very ashamed, and we apologize to our users and partners. We consider it necessary to explain why this happened and what we intend to do about it,” the company said.
Safeguarding Putin’s image
Russian researchers and journalists were quick to analyze what the source code of a company sometimes dubbed “Russia’s Google” could reveal about the inner workings of the tech giant.
According to an independent Russian and English news website Meduza, the source code leak shows how Yandex tried to protect Russia’s president Vladimir Putin from being associated with negative images on its search engine.
For example, Yandex tried to make it impossible for users to find an image of Putin when searching for profane words and phrases. However, Yandex also did not allow its search engine to associate Putin with the word “bald” and terms such as “bunker grandfather” or “master thief.”
Yandex reached out to Cybernews, adding that the parts of the code are not currently used by the company's search engine.
"The code fragments mentioned in the article is not active in Yandex search. Meduza, which you are referring to, wrote about it in their piece, saying that they were able to find images of the Russian president in Yandex’s search for all queries," the company's representative said.
Interestingly, the search engine also had specific rules not to allow any association between the “Z symbol” that Russia used in its war in Ukraine and the Nazis.
As security researcher Banteg noted on Twitter, if you search for “Z symbol,” it adds a lot of negative prompts related to Nazi military emblems used in the Second World War.
Two months after Russia invaded Ukraine last year, Yandex announced it would sell its news aggregation platform and infotainment service Zen to VKontakte (VK), Russia’s primary social network.
Last May, the EU sanctioned the company’s co-founder Arkady Volozh, claiming his search engine is “de-ranking and removing content critical of the Kremlin, such as content related to Russia’s war of aggression against Ukraine.”
Last November, Reuters said that the Russian president had discussed the future of Yandex. Sources said that Putin wants to install the former Finance Minister Alexei Kudrin to take up a position with Yandex.
Yandex is a Nasdaq traded company, employing thousands of people. The tech giant has offices in several European countries, as well as China and Russia. The company is owned by a holding company registered in the Netherlands.
More from Cybernews:
Subscribe to our newsletter