The targets of the attacks are, among other things, substations in order to paralyze the Ukrainian power grid if they fail ( HERE ) and cause blackouts. This specific attack involved the power supply of 2 million Ukrainians ( HERE ). Back in 2015, a hacker attack led to large-scale power outages.
What happened?
At a press conference on Tuesday, April 12, Viktor Zhora, a high-ranking representative of the Ukrainian IT security authority, reported that Ukraine had been exposed to particularly massive attacks for a long time and since the beginning of the war and that great efforts had been made to secure the electricity network. Nevertheless, hackers managed to compromise the systems of an unnamed company that is one of the largest private electricity suppliers and is responsible for supplying electricity to two million people ( HERE ). The hackers wanted to strike at 4:10 p.m. on Friday. However, the attack was repelled.
Zhora about this:
“The hackers planned the electrical outages for April 8th, to strike on Friday evening, before the weekend. It looks like we have been extremely lucky to respond to this in a timely manner.”
“The hackers planned the blackouts for April 8th to strike on the Friday evening before the weekend. It looks like we were very lucky that we were able to respond in a timely manner."
The Ukrainian security authorities were supported by experts from the Slovak IT security company ESET and Microsoft.
Military hacker collective Sandworm responsible?
ESET researchers worked closely with the Ukrainian CERT (Crisis Emergency Response Team) to successfully repel the attack so far. They discovered evidence of a variant of the Industroyer malware that is believed to be responsible for the 2015 attack. The new variant goes under the name Industroyer2 and is attributed to a hacker collective called Sandworm.
The name Sandworm refers to lines of code in previous malware that contained references to Frank Herbert's novel Dune. Western IT experts and secret services had previously assumed that Sandworm was connected to the Russian military intelligence service GRU ( HERE ). In 2020, the US Department of Justice was able to clearly assign Sandworm to a GRU military unit ( HERE ).
Several members of the hacker collective are wanted by the FBI.

Just in March, the American FBI stopped a botnet that had been using the computing power of numerous hijacked computers for cyberattacks on a large scale using Sandworm malware ( HERE ).
ESET regularly publishes the latest findings on Sandworm's extensive activities in a blog ( HERE ).
Conclusion
The war in Ukraine is taking place not only on the battlefield, but also on the Internet. Since the beginning of the war, Russian attacks on critical Ukrainian infrastructure, here the electricity grids, have increased massively. Despite increased defense measures, the Russian military hacker collective Sandworm managed to break into the systems of a private electricity supplier for 2 million Ukrainians. However, this attack was repelled in time and a blackout was prevented.
In keeping with the topic of
cyber espionage: Lured into a trap with fake news about the Ukraine war
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

