Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within...

Threat Actor Profile

Orangeworm

Uses 4 known MITRE ATT&CK techniques.


Actor Overview

Known Techniques
4 TTPs

MITRE ATT&CK Techniques

T1071
T1071.001
T1021
T1021.002


Actor Details

Primary Name: Orangeworm
Data Source: Precursor Intelligence