0attributed CVEs
4ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[Orangeworm](https://attack.mitre.org/groups/G0071) is a group that has targeted organizations in the healthcare sector in the United States, Europe, and Asia since at least 2015, likely for the purpose of corporate espionage.(Citation: Symantec Orangeworm April 2018) Reverse engineering of [Kwampirs](https://attack.mitre.org/software/S0236), directly associated with [Orangeworm](https://attack.mitre.org/groups/G0071) activity, indicates significant functional and development overlaps with [Shamoon](https://attack.mitre.org/software/S0140).(Citation: Cylera Kwampirs 2022)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
CM-2 | 4 / 4 | 100% |
CM-6 | 4 / 4 | 100% |
CM-7 | 4 / 4 | 100% |
SI-4 | 4 / 4 | 100% |
AC-4 | 3 / 4 | 75% |
CA-7 | 3 / 4 | 75% |
SC-7 | 3 / 4 | 75% |
AC-17 | 2 / 4 | 50% |
AC-2 | 2 / 4 | 50% |
AC-3 | 2 / 4 | 50% |
AC-5 | 2 / 4 | 50% |
AC-6 | 2 / 4 | 50% |
CM-5 | 2 / 4 | 50% |
IA-2 | 2 / 4 | 50% |
SC-10 | 2 / 4 | 50% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- SilverTerrier 0.29
- Threat Group-1314 0.22
- RedEcho 0.20
- GCMAN 0.17
- Operation MidnightEclipse 0.16