ESET researchers have attributed a failed cyberattack on Poland's power grid in December 2025 to the Russian nation-state hacking group Sandworm. The operation targeted critical infrastructure, including two heat and power plants and systems managing renewable energy sources like wind and solar farms. Although described as the strongest attack on the Polish energy sector in years, government officials confirmed the attempt was unsuccessful and caused no disruption to services.
During the intrusion attempt, a previously undocumented wiper malware codenamed "DynoWiper" was deployed. This malware shares functional overlaps with Sandworm’s historical toolkit, which has been used extensively against Ukrainian infrastructure. Notably, the attack occurred on the tenth anniversary of the infamous 2015 Sandworm operation that plunged parts of Ukraine into darkness, highlighting the group's continued focus on disrupting essential power services.
Top comments (0)