top of page
ALL POSTS
Lotus Wiper Malware Campaign Targets Venezuelan Energy Infrastructure in Coordinated Destructive Attack
Key Findings Previously undocumented data wiper dubbed Lotus Wiper deployed against Venezuelan energy and utilities sector in late 2025 and early 2026 Multi-stage attack uses two batch scripts to disable system defenses before executing the wiper payload, which overwrites drives and deletes all recoverable data No ransom demands present, indicating destructive intent rather than financial motivation Malware compiled September 2025, uploaded December 2025, suggesting attackers
Apr 223 min read
New DynoWiper Malware Targets Polish Power Sector in Sandworm Attack
Key Findings The Russian nation-state hacking group known as Sandworm attempted a significant cyber attack targeting Poland's power sector in late December 2025. The attack involved the deployment of a previously undocumented wiper malware called DynoWiper. The attack was ultimately unsuccessful, with no evidence of successful disruption to Poland's energy infrastructure. This activity occurred on the 10th anniversary of Sandworm's 2015 attack against the Ukrainian power grid
Jan 242 min read
Exposed: Amazon's Years-Long Cyber Campaign against GRU Targeting Energy and Cloud Infrastructure
Key Findings Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. The activity has been attributed with high confidence to Russia's Main Intelligence Directorate (GRU), citing infrastructure overlaps with APT44, also known as FROZENBARENTS, Sandworm, Seashell Blizzard, and Voodoo Bear. The campaign targeted energy sector organizations across Western natio
Dec 17, 20252 min read
bottom of page
