A failed December attempt to disrupt parts of Poland’s energy grid used destructive “wiper” malware that security firm ESET calls DynoWiper. ESET attributed the attack with medium confidence to Russia’s Sandworm unit of the GRU, and Polish officials said defenses held and critical infrastructure was not compromised. #DynoWiper #Sandworm
Keypoints
- ESET obtained a copy of destructive malware it named DynoWiper.
- The December 29–30 attack targeted two heat and power plants and communications for renewable installations.
- Polish officials called it the strongest attack in years but said critical infrastructure was not threatened.
- ESET attributed the malware to Sandworm with medium confidence based on overlaps with past tools.
- The incident mirrors Sandworm’s 2015–2016 attacks on Ukraine’s energy sector that caused widespread outages.