Company Details
orange-madagascar
888
43,789
517
orange.mg
0
ORA_7180680
In-progress

Orange Madagascar Company CyberSecurity Posture
Orange Madagascar, a major player in Madagascar's economy and the leader in the telecommunications sector, operates in voice, internet, enterprise solutions and mobile banking. Our daily ambition is to offer our customers an incomparable customer experience, and we constantly focus our energy on this goal. Orange contributes to and supports the development of Madagascar through its strong corporate social responsibility policy, through committed employees serving customers, and together with all the partners of the economic and social fabric of the Big Island.
Between 600 and 649

Orange Madagascar Global Score (TPRM)XXXX

Description: **New Android Malware "DroidLock" Targets Spanish Users with Ransomware-Like Tactics**

Researchers at Zimperium have uncovered a sophisticated Android malware, dubbed *DroidLock*, capable of locking device screens, demanding ransom payments, and executing full device takeovers. The malware, which exhibits ransomware-like behavior, also wipes data, alters PINs, intercepts one-time passwords (OTPs), and remotely controls infected devices. The campaign primarily targeted Spanish Android users through phishing sites, with attackers impersonating Orange S.A., a French telecommunications company.

Once installed, *DroidLock* employs deceptive system update screens to trick victims into granting critical permissions, including Device Admin and Accessibility Services. These permissions enable the malware to perform malicious actions such as factory resets, device locking, PIN changes, and unauthorized access to SMS, call logs, and contacts. The infection begins with a dropper that prompts users to enable unknown app installations, followed by a secondary payload that exploits accessibility permissions to automate further malicious actions.

*DroidLock* uses two key overlay techniques—*Lock Pattern* (to capture unlock patterns) and *WebView* (to display attacker-controlled HTML content)—to manipulate user interactions. It also deploys a fake update screen to prevent users from interrupting its operations. Additionally, the malware operates as a persistent foreground service, capturing screen activity via *MediaProjection* and *VirtualDisplay*, then transmitting the data to a command-and-control (C2) server. This functionality poses a severe risk, potentially exposing credentials, multi-factor authentication (MFA) codes, and other sensitive information.

Zimperium has shared its findings with Google, ensuring protection for up-to-date Android devices. Indicators of Compromise (IoCs) for *DroidLock* have also been published to aid detection and mitigation.


Orange Madagascar has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.
Orange Madagascar has 28.21% more incidents than the average of all companies with at least one recorded incident.
Orange Madagascar reported 1 incident this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Orange Madagascar cyber incidents detection timeline including parent company and subsidiaries


Huawei is a leading global provider of information and communications technology (ICT) infrastructure and smart devices. With integrated solutions across four key domains – telecom networks, IT, smart devices, and cloud services – we are committed to bringing digital to every person, home and organi

Telefónica is today one of the largest telecommunications companies in the world in terms of market capitalisation and number of customers. We have the best infrastructure, as well as an innovative range of digital and data services; therefore, we are favorably positioned to meet the needs of our cu
We are driving the digital transition of Italy and Brazil with innovative technologies and services because we want to contribute to accelerating the sustainable growth of the economy and society by bringing value and prosperity to people, companies and institutions. We offer diversified solutions
We’re one of the world’s leading communications services companies. At BT Group, the solutions we sell are integral to modern life. Our purpose is as simple as it is ambitious: we connect for good. There are no limits to what people can do when they connect. And as technology changes our world, co

Bharti Enterprises is one of India’s leading business group with diversified interests in telecom, financial services, real estate, hospitality, agri and food. Bharti has been a pioneering force in the Indian telecom sector with many firsts and innovations to its credit. Bharti Airtel, the group's
Make a new start. A start that will build beautiful relationships, shape millions of ideas. Enable a new way to live, learn, work and play. At Jio, we build products and services of the future to empower billions of Indians make their dreams a reality. Jio is about YOU. Join the movement to make I
Welcome to KPN's LinkedIn page. KPN has been making technology accessible for as long as anyone can remember. Here you can read all about developments around the themes KPN considers important, such as The New Way of Living & Working, Security & Privacy, and ICT infrastructure. Also a transparent and reliable servi

Zain Group is a leading provider of innovative ICT technologies & digital lifestyle communications operating in 8 markets across the Middle East & Africa, serving 50.9 million active customers as of 30 June 2025. Zain provides mobile voice, data and B2B services in: Kuwait, Bahrain, Iraq, Jordan, Sa

Airtel Africa is a leading provider of telecommunications and mobile money services, with a presence in 14 countries in Africa, primarily in East Africa and Central and West Africa. Airtel Africa offers an integrated suite of telecommunications solutions to its subscribers, including mobile voice a
In a world where digital technology is omnipresent, trust in your telecom operator is crucial. At Orange, it is our purpose that makes us your trusted...
Morocco- and France-based cybersecurity startup Nucleon Security has raised $3.5 million, led by NewFund Capital and joined by...
Nucleon Security, a Moroccan cybersecurity solutions provider, has raised €3 million ($3.5 million) in seed funding to expand across Africa.
Nucleon Security, a Morocco-based cybersecurity solutions provider, has raised €3 million (approximately $3.5 million).
Hacker “Rey,” linked to the HellCat ransomware group, claims to have accessed Orange's systems for over a month before exfiltrating data undetected in a three-...
The African Union Convention on Cyber Security and Personal Data Protection was adopted in 2014 in Malabo, Equatorial Guinea. Ten years later, Madagascar...
Orange Digital Center, a dynamic institution in Madagascar, has partnered with Coursera, the global leader in online learning, to launch a cutting-edge...
Operator Orange Madagascar has announced plans to double its network coverage to reach about 90% of the island country's 29 million people...
Dominic Trott becomes Head of Cybersecurity in the UK at Orange Cyberdefense. Executive Committee changes continue with appointment of...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Orange Madagascar is https://www.orange.mg.
According to Rankiteo, Orange Madagascar’s AI-generated cybersecurity score is 644, reflecting their Poor security posture.
According to Rankiteo, Orange Madagascar currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Orange Madagascar is not certified under SOC 2 Type 1.
According to Rankiteo, Orange Madagascar does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Orange Madagascar is not listed as GDPR compliant.
According to Rankiteo, Orange Madagascar does not currently maintain PCI DSS compliance.
According to Rankiteo, Orange Madagascar is not compliant with HIPAA regulations.
According to Rankiteo, Orange Madagascar is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Orange Madagascar operates primarily in the Telecommunications industry.
Orange Madagascar employs approximately 888 people worldwide.
Orange Madagascar presently has no subsidiaries across any sectors.
Orange Madagascar’s official LinkedIn profile has approximately 43,789 followers.
Orange Madagascar is classified under the NAICS code 517, which corresponds to Telecommunications.
No, Orange Madagascar does not have a profile on Crunchbase.
Yes, Orange Madagascar maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/orange-madagascar.
As of December 15, 2025, Rankiteo reports that Orange Madagascar has experienced 1 cybersecurity incident.
Orange Madagascar has an estimated 9,741 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Detection and Response: The company detects and responds to cybersecurity incidents through third-party assistance from Zimperium researchers, and remediation measures: Google has updated protections for up-to-date Android devices.
Title: DroidLock Android Malware Incident
Description: A new Android malware dubbed 'DroidLock' locks device screens and demands ransom to prevent data deletion. The malware can wipe devices, change PINs, intercept OTPs, and remotely control the user interface. It targets Spanish Android users via phishing sites, impersonating companies like Orange S.A.
Type: Malware (Ransomware-like)
Attack Vector: Phishing sites
Vulnerability Exploited: Accessibility Services Permission, Device Admin Permission
Motivation: Financial gain (ransom)
Common Attack Types: The most common type of attack the company has faced is Ransomware.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing sites.

Data Compromised: Screen activity, credentials, MFA codes, device unlock patterns, SMS, call logs, contacts, audio
Systems Affected: Android devices
Operational Impact: Device lockdown, remote control, data wiping, PIN changes
Brand Reputation Impact: Potential reputational damage for impersonated companies (e.g., Orange S.A.)
Identity Theft Risk: High (due to credential and MFA code theft)
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are screen activity, credentials, MFA codes, device unlock patterns, SMS, call logs, contacts and audio.

Entity Name: Orange S.A.
Entity Type: Telecommunications company
Industry: Telecommunications
Location: France
Customers Affected: Spanish Android users

Third Party Assistance: Zimperium researchers
Remediation Measures: Google has updated protections for up-to-date Android devices
Third-Party Assistance: The company involves third-party assistance in incident response through Zimperium researchers.

Type of Data Compromised: Screen activity, credentials, MFA codes, device unlock patterns, SMS, call logs, contacts, audio
Sensitivity of Data: High
Data Exfiltration: Yes (transmitted to C2 server)
Personally Identifiable Information: Yes (credentials, MFA codes, device unlock patterns)
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Google has updated protections for up-to-date Android devices.

Ransom Demanded: Yes (to prevent data deletion)
Ransomware Strain: DroidLock
Data Exfiltration: Yes (screen activity transmitted to C2 server)

Recommendations: Avoid installing apps from unknown sources, revoke unnecessary permissions, keep devices updated, and monitor for suspicious activity.
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Avoid installing apps from unknown sources, revoke unnecessary permissions, keep devices updated, and monitor for suspicious activity.

Source: Zimperium
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices from the source: Zimperium.

Investigation Status: Ongoing (findings shared with Google)

Entry Point: Phishing sites
Backdoors Established: Device Admin Permission, Accessibility Services Permission

Root Causes: User installation of malicious apps from unknown sources, granting excessive permissions
Corrective Actions: Update Android protections, educate users on phishing risks, and enforce stricter app installation policies
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Zimperium researchers.
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Update Android protections, educate users on phishing risks, and enforce stricter app installation policies.
Last Ransom Demanded: A ransom was demanded in the last incident: Yes (to prevent data deletion).
Most Significant Data Compromised: The most significant data compromised in an incident were Screen activity, credentials, MFA codes, device unlock patterns, SMS, call logs, contacts and audio.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Zimperium researchers.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Screen activity, credentials, MFA codes, device unlock patterns, SMS, call logs, contacts and audio.
Highest Ransom Demanded: A ransom was demanded in a ransomware incident: Yes (to prevent data deletion).
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was: Avoid installing apps from unknown sources, revoke unnecessary permissions, keep devices updated, and monitor for suspicious activity.
Most Recent Source: The most recent source of information about an incident is Zimperium.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (findings shared with Google).
Most Recent Entry Point: The most recent entry point used by an initial access broker was phishing sites.
NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
