Wednesday, February 11, 2026

Sandworm behind cyberattack on Poland’s energy grid in late 2025


The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

In late 2025, Poland’s power system faced what has been described as the “largest cyberattack” targeting the country in years. ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

“Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to a strong overlap with numerous previous Sandworm wiper activity we analyzed,” said ESET researchers. “We’re not aware of any successful disruption occurring as a result of this attack,” they added.


Sandworm has a long history of disruptive cyberattacks, especially on Ukraine’s critical infrastructure. Meanwhile, the attack on Poland’s power grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper. ESET security solutions detect DynoWiper as Win32/KillFiles.NMO.

While details regarding the intended impact continue to be investigated, ESET researchers have highlighted the fact that the coordinated attack occurred on the tenth anniversary of the Sandworm-orchestrated attack against the Ukrainian power grid, which resulted in the first ever malware-facilitated blackout. Back in December 2015, Sandworm used the BlackEnergy malware to gain access to critical systems at several electrical substations, leaving around 230,000 people without electricity for several hours.

Fast forward a decade and Sandworm continues to target entities operating in various critical infrastructure sectors, especially in Ukraine. In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they observed Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.

For any inquiries about our research published on WeLiveSecurity, please contact us at threatintel@eset.com.

ESET Research offers private APT intelligence reports and data feeds. For any inquiries about this service, visit the ESET Threat Intelligence page.

IoCs

SHA-1 | Detection | Description
4EC3C90846AF6B79EE1A5188EEFA3FD21F6D4CF6 | Win32/KillFiles.NMO | DynoWiper.
