Researchers say Russian government hackers were behind attempted Poland power outage
Date:
Mon, 26 Jan 2026 11:20:00 +0000
Description:
ESET says Sandworm used a piece of malware called DynoWiper to carry out attack on Polish systems.
FULL STORY ======================================================================ESET links December 2025 Poland energy cyberattack to Sandworm DynoWiper malware attempted disruption but was stopped before causing significant damage Attack echoes Sandworms 2015 Ukraine blackout; Poland faces rising Russian cyber and sabotage threats
The devastating December 2025 cyberattack on Polands energy system was most likely the work of Sandworm, an infamous Russian state-sponsored threat
actor, experts have said
Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to a strong overlap with numerous previous Sandworm wiper activity we analyzed, ESET researchers said in a new report .
Were not aware of any successful disruption occurring as a result of this attack, the researchers added, saying they attributed the attack to the Russians with medium confidence. 'Celebrating' anniversaries
In late 2025, Polands power system faced the largest cyberattack in years, when threat actors deployed DynoWiper, a piece of malware that simply deletes all of the data it finds. Somehow, it was stopped before being able to do any meaningful harm.
At the time, the countrys energy minister, Milosz Motyka, told reporters that the failed attack sought to disrupt the communication between renewable installations and the power distribution operators, Reuters reported.
"The command of the cyberspace forces has diagnosed in the last days of the year the strongest attack on the energy infrastructure in years," Motyka was cited saying.
ESET also stressed the symbolism of the attack, since exactly 10 years ago, Sandworm launched its first-ever attack on the Ukrainian power grid, which resulted in a blackout that lasted a couple of hours. Back then, Sandworm
used the BlackEnergy malware to gain access to critical systems at several electrical substations and managed to leave around 230,000 people without electricity.
Ever since the Russian invasion on neighboring Ukraine, other countries in
the region, including Poland, were subject to a growing number of cyberattacks. Polish critical infrastructure was not spared, forcing the countrys military to chime in and help the nations power grid operator
protect critical transformer stations.
In September 2025, Poland also experienced a major railway explosion, which was also attributed to Russian sabotage. Warsaw described it as Russian state terrorism, while Moscow denied any involvement.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/researchers-say-russian-government-hack ers-were-behind-attempted-poland-power-outage
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)