Orangeworm
Orangeworm is a group that has targeted organizations in the healthcare sector in the United States, Europe, and Asia since at least 2015, likely for the purpose of corporate espionage. Reverse engineering of Kwampirs, directly associated with Orangeworm activity, indicates significant functional and development overlaps with Shamoon.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low0.0
None signal strength
Mentions0
Sources0
High conf.0
First observed
2018-10-17
Last active
—
Origin
Unknown — financially motivated cybercriminal group, no state attribution
Aliases
1
Techniques
2
Campaigns
0
Attribution signals
No attribution signals extracted yet — signals populate automatically as articles are processed.