ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
ID: a28edf84-dc53-5bb3-a52b-414f00f80d3e
STIX ID: report--a28edf84-dc53-5bb3-a52b-414f00f80d3e
Feed Name: WeLiveSecurity (ESET Research)
Threat Score
ESET Research reports that a late-2025 coordinated cyberattack against Poland's power grid involved a data-wiping malware the researchers named DynoWiper (detected as Win32/KillFiles.NMO) and attributes the activity with medium confidence to the Russia-aligned Sandworm APT, providing analysis, TTP overlap with previous wiper attacks, and a SHA-1 IoC while noting no confirmed successful disruption.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.