A failed December attempt to bring down part of Poland’s energy grid was the work of Russian government hackers known for past power disruptions, according to a security research firm that investigated the incident.

Last week Poland’s Energy Minister Milos Motyka told reporters Hackers targeted two thermal and power plants, as well as renewable installations such as wind turbines and communication links between power distribution operators, in an attempted cyber attack on December 29 and 30.

Motyka called the incident the “strongest attack ever” by the Polish government on Poland’s energy infrastructure to blame Moscow to try. Local media Report Attacks that could knock out heat and power to at least half a million homes across the country.

Cyber ​​security firm ESET on Friday It says received A copy of the destructive malware, which it calls DinoWiper. This type of malware, known as “wiper” malware, is designed to irreversibly destroy data to prevent a computer from functioning.

ESET attributed the malware to known hacking groups with “moderate confidence”. SandwormSandworm’s past malware, a unit within Russia’s military intelligence agency GRU, is based on a “strong overlap” with his previous research, including the group’s use of destructive malware to target Ukraine’s energy sector.

Freelance journalist Kim Jeter First report the news

As noted by Zetter, the cyberattacks targeting Poland come nearly a decade after Sandworm’s first known cyberattack on Ukraine’s energy infrastructure in 2015, which caused power outages in more than 230,000 homes around the country’s capital, Kyiv. A year later, a similar cyber attack hit Ukraine’s energy system.

After the hacking attempt, Poland’s prime minister, Donald Tusk, said the country’s cybersecurity defenses had worked, and “at no time was critical infrastructure threatened.”