"He who can command the worm, can command the breakfast."

#Dune #sandworm

Cyber warfare groups: Sandworm - Negative PID

They moved from espionage to physical disruption. Their operations have affected national power grids, critical infrastructure, and global supply chains. They

Negative PID
#BREAKING #ESETresearch provides technical details on #DynoWiper, a data‑wiping malware used in a data‑destruction incident on December 29, 2025, affecting a company in Poland’s energy sector.
https://www.welivesecurity.com/en/eset-research/dynowiper-update-technical-analysis-attribution/
@CERT_Polska_en did an excellent job investigating the incident and published a detailed analysis in a report:
https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/
#ESETresearch attributes the attack to the 🇷🇺 Russia‑aligned #Sandworm APT group with medium confidence, based on strong overlaps in behavior and TTPs with multiple earlier Sandworm attacks. Specifically, DynoWiper operates in a broadly similar fashion to the ZOV wiper, which we attribute to Sandworm with high confidence.
IoCs available in our GitHub repo: https://github.com/eset/malware-ioc/tree/master/dynowiper

If anyone wants to take a look at the freshly released Dragos report on the attack on the Polish energy sector, the link is below. The group the researchers point to, Electrum, is none other than Sandworm (in the naming used by ESET) or simply APT44, so the trail leads to Russia. But there are no details, only generalities. I suggest waiting for the Polish CERT's publication, which may appear as early as tomorrow.

https://5943619.hs-sites.com/hubfs/Reports/dragos-2025-poland-attack-report.pdf

#cyberbezpieczenstwo #apt44 #sandworm

📢 A wiper targeted the Polish power grid; the attack was attributed to Sandworm but thwarted
📝 According to Ars Technica, drawing on an analysis by ESET and information from...
📖 cyberveille: https://cyberveille.ch/posts/2026-01-26-un-wiper-a-vise-le-reseau-electrique-polonais-attaque-attribuee-a-sandworm-mais-dejouee/
🌐 source: https://arstechnica.com/security/2026/01/wiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity/
#Pologne #Sandworm #Cyberveille

Sandworm Blamed for Wiper Attack on Poland Power Grid. Researchers attributed the failed attempt to the infamous Russian APT #sandworm, which is notorious for wiper attacks on critical infrastructure organizations.
https://www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
#russia #cyber #energy #cyberattack

This is a sunspot. If it doesn't frighten you the same way it frightens me, you have no soul.

photo credit unknown, NASA probably.

#sun #astrophotography #dune #sandworm