DYNOWIPER: Destructive Malware Targeting Poland's Energy Sector

On December 29, 2025 a coordinated destructive cyber campaign leveraging a custom wiper called DYNOWIPER targeted more than 30 renewable energy sites and a major CHP plant in Poland; the report provides sample metadata and technical analysis of the wiper, IOCs (file hashes, distribution scripts, IPs), a YARA rule, mapped MITRE ATT&CK TTPs, vendor attributions to a state-aligned threat cluster, and operational recommendations (behavioral canary protection, MFA, FortiGate audits, backup recovery).