Published by Global Banking & Finance Review®
Posted on January 23, 2026
2 min readLast updated: January 23, 2026
Russian hackers, likely from the Sandworm group, targeted Polish energy systems in December using DynoWiper malware, but no disruptions occurred.
By AJ Vicens
Jan 23 (Reuters) - A notorious Russian military intelligence hacking unit with a track record of destructive cyber operations was likely behind the large cyberattacks that targeted Poland’s power system in late December, researchers said Friday.
Researchers with Slovakia-based ESET analyzed malware used during the attack and determined that it was the work of the hacking unit, tracked widely as Sandworm, based on how the group has operated in the past and code overlaps with other destructive cyberattacks carried out by the group over the years, the researchers said in a blog post.
The Russian Embassy in Washington did not immediately respond to a request for comment.
The hackers attempted to deploy a piece of malware dubbed DynoWiper that would have destroyed files on targeted computer systems and rendered them inoperable, according to the researchers.
“We’re not aware of any successful disruption occurring as a result of this attack,” the researchers said, echoing Polish Prime Minister Donald Tusk’s January 15 claim that the attacks were unsuccessful.
Milosz Motyka, Poland’s energy minister, told reporters January 13 that the cyberattack on the country’s power system in the final week of December was the strongest attack on the energy infrastructure in years.
Sandworm, which has been attributed to Russian military intelligence by the U.S. and British governments, has been linked to a string of high-profile and destructive cyber attacks dating back more than a decade. The December attack on Poland occurred on the tenth anniversary of the Sandworm-linked destructive malware attack on the Ukrainian power grid, “which resulted in the first-ever malware-facilitated blackout,” the ESET researchers said Friday.
(Reporting by AJ Vicens in Detroit; Editing by Alistair Bell)
Malware is malicious software designed to harm, exploit, or otherwise compromise computer systems. It includes viruses, worms, trojans, and ransomware.
Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks. It involves implementing measures to safeguard data integrity and confidentiality.
Energy infrastructure includes the facilities and systems that generate, transmit, and distribute energy, such as power plants, electrical grids, and pipelines.
Digital transformation is the process of using digital technologies to fundamentally change how organizations operate and deliver value to customers.
A cyberattack is an attempt to damage, disrupt, or gain unauthorized access to computer systems or networks, often with malicious intent.
Explore more articles in the Finance category
