The Russian nation-state hacking group Sandworm was attributed by ESET to a December 29–30, 2025 attempted disruptive attack on Poland’s energy sector that used a previously undocumented wiper called DynoWiper. Polish officials, including Energy Minister Milosz Motyka and Prime Minister Donald Tusk, said the attack failed and the government is preparing stricter IT/OT safeguards and cybersecurity legislation. #Sandworm #DynoWiper
Keypoints
- ESET attributed the late-December 2025 attack on Polish energy infrastructure to Sandworm.
- The attackers deployed a previously undocumented wiper malware dubbed DynoWiper.
- Targets included two combined heat and power (CHP) plants and a renewable energy management system.
- Poland reported no evidence of successful disruption and is strengthening IT/OT defenses and incident-response requirements.
- Sandworm’s activity mirrors past destructive campaigns using BlackEnergy, KillDisk, HermeticWiper, PathWiper, ZEROLOT, and Sting against Ukrainian infrastructure.
Read More: https://thehackernews.com/2026/01/new-dynowiper-malware-used-in-attempted.html