TZUTC: -0500
MSGID: 2055.consprcy@1:2320/105 2ddcbcf8
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
Researchers say Russian government hackers were behind attempted Poland power
outage

Date:
Mon, 26 Jan 2026 11:20:00 +0000

Description:
ESET says Sandworm used a piece of malware called DynoWiper to carry out
attack on Polish systems.

FULL STORY

The devastating December 2025 cyberattack on Polands energy system was most
likely the work of Sandworm, an infamous Russian state-sponsored threat 
actor, experts have said 

Based on our analysis of the malware and associated TTPs, we attribute the
attack to the Russia-aligned Sandworm APT with medium confidence due to a
strong overlap with numerous previous Sandworm wiper activity we analyzed,
ESET researchers said in a new report . 

Were not aware of any successful disruption occurring as a result of this
attack, the researchers added, saying they attributed the attack to the
Russians with medium confidence.

'Celebrating' anniversaries 

In late 2025, Polands power system faced the largest cyberattack in years,
when threat actors deployed DynoWiper, a piece of malware that simply deletes
all of the data it finds. Somehow, it was stopped before being able to do any
meaningful harm. 

At the time, the countrys energy minister, Milosz Motyka, told reporters that
the failed attack sought to disrupt the communication between renewable
installations and the power distribution operators, Reuters reported. 

"The command of the cyberspace forces has diagnosed in the last days of the
year the strongest attack on the energy infrastructure in years," Motyka was
cited saying. 

ESET also stressed the symbolism of the attack, since exactly 10 years ago,
Sandworm launched its first-ever attack on the Ukrainian power grid, which
resulted in a blackout that lasted a couple of hours. Back then, Sandworm 
used the BlackEnergy malware to gain access to critical systems at several
electrical substations and managed to leave around 230,000 people without
electricity. 

Ever since the Russian invasion on neighboring Ukraine, other countries in 
the region, including Poland, were subject to a growing number of
cyberattacks. Polish critical infrastructure was not spared, forcing the
countrys military to chime in and help the nations power grid operator 
protect critical transformer stations. 

In September 2025, Poland also experienced a major railway explosion, which
was also attributed to Russian sabotage. Warsaw described it as Russian state
terrorism, while Moscow denied any involvement. 

======================================================================
Link to news story:
https://www.techradar.com/pro/security/researchers-say-russian-government-hack
ers-were-behind-attempted-poland-power-outage

$$
--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470
SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426