Signal

Reports tie wiper malware targeting poland’s power sector to sandworm

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-01-26 08:55 UTCUpdated 2026-01-26 18:06 UTC

rss

polandcritical_infrastructureenergy_sectorwiper_malwaresandwormrussia_attribution

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (4)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

Wiper Malware Targeting Poland's Power Grid Tied to Moscow

BankInfoSecurity · News · bankinfosecurity.com · 2026-01-26 18:06 UTC

Russian state hackers likely behind wiper malware attack on Poland’s power grid

The Record (Recorded Future News) · News · therecord.media · 2026-01-26 15:21 UTC

Moscow likely behind wiper attack on Poland’s power grid, experts say

theregister_security · News · go.theregister.com · 2026-01-26 11:54 UTC

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

SecurityWeek · News · securityweek.com · 2026-01-26 08:55 UTC

View all evidence

Overview

A cluster of reports describes late-December 2025 attempts to compromise Polish power companies using wiper malware, with multiple outlets citing researchers who link the activity to Russia and the Sandworm threat actor. The coverage frames the operation as sabotage-oriented critical-infrastructure targeting rather than routine espionage.

Score total

1.37

Momentum 24h

4

Posts

4

Origins

4

Source types

1

Duplicate ratio

0%

Why now

A same-day burst of coverage consolidates researcher-led attribution to Sandworm.
Reporting spotlights late-December 2025 activity as a recent CI incident.
Multiple outlets emphasize wiper tooling and sabotage framing.

Why it matters

Wiper use suggests destructive intent in critical-infrastructure targeting.
Sandworm-linked activity would indicate continued pressure on European power-sector systems.
Even failed disruption attempts can expose operational and resilience gaps.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: high

Recurring claims

Late-December 2025 intrusions attempted to disrupt Poland’s power grid/power companies using wiper malware.
Researchers and reporting attribute the activity to Russia-linked Sandworm.

How sources frame it

The Record (Recorded Future News): neutral
The Register: neutral
BankInfoSecurity: neutral
SecurityWeek: neutral

Attribution and impact are framed as researcher/reporting claims; keep language conditional.

All evidence

All evidence

Wiper Malware Targeting Poland's Power Grid Tied to Moscow

BankInfoSecurity · bankinfosecurity.com · 2026-01-26 18:06 UTC

Russian state hackers likely behind wiper malware attack on Poland’s power grid

The Record (Recorded Future News) · therecord.media · 2026-01-26 15:21 UTC

Moscow likely behind wiper attack on Poland’s power grid, experts say

theregister_security · go.theregister.com · 2026-01-26 11:54 UTC

Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid

SecurityWeek · securityweek.com · 2026-01-26 08:55 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 4Origin domains: 4Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 4 / 0

Top publishers (this list)

BankInfoSecurity (1)
The Record (Recorded Future News) (1)
theregister_security (1)
SecurityWeek (1)

Top origin domains (this list)

bankinfosecurity.com (1)
therecord.media (1)
go.theregister.com (1)
securityweek.com (1)