Sunday, January 25, 2026

Sandworm behind cyberattack on Poland’s energy grid in late 2025


The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

In late 2025, Poland’s energy system faced what has been described as the “largest cyberattack” targeting the country in years. ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

“Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to a strong overlap with numerous earlier Sandworm wiper activities we analyzed,” said ESET researchers. “We’re not aware of any successful disruption occurring as a result of this attack,” they added.


Sandworm has a long history of disruptive cyberattacks, especially on Ukraine’s critical infrastructure. Meanwhile, the attack on Poland’s energy grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper. ESET security solutions detect DynoWiper as Win32/KillFiles.NMO.

While details about the intended impact continue to be investigated, ESET researchers have highlighted the fact that the coordinated attack occurred on the tenth anniversary of the Sandworm-orchestrated attack against the Ukrainian power grid, which resulted in the first ever malware-facilitated blackout. Back in December 2015, Sandworm used the BlackEnergy malware to gain access to critical systems at several electrical substations, leaving around 230,000 people without electricity for several hours.

Fast forward a decade and Sandworm continues to target entities operating in various critical infrastructure sectors, especially in Ukraine. In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they observed Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.

For any inquiries about our research published on WeLiveSecurity, please contact us at threatintel@eset.com.

ESET Research offers private APT intelligence reports and data feeds. For any inquiries about this service, visit the ESET Threat Intelligence page.

IoCs

| SHA-1 | Detection | Description |
| --- | --- | --- |
| 4EC3C90846AF6B79EE1A5188EEFA3FD21F6D4CF6 | Win32/KillFiles.NMO | DynoWiper. |
