
Orange Launches AI‑Driven Maldive and Merlin Tools to Counter 3.2 New Malware Threats Per Second

Orange reveals Maldive AI malware pipeline and Merlin evasion tool to tackle 3.2 new threats per second. Includes detection stats, sovereign code quote, and defender actions.

By Peter Olaleru, Cybersecurity Editor


Source: Hellofuture

Orange has unveiled Maldive, an AI‑powered malware detection pipeline, and Merlin, a tool that uses reinforcement learning to evade defenses and test resilience, aiming to counter the discovery of 3.2 new malware samples each second.

Every second, 3.2 previously unknown malware samples or potentially unwanted applications appear worldwide. This relentless flow strains traditional signature‑based defenses and pushes operators toward faster, more autonomous analysis.

Orange’s Maldive platform combines static, dynamic and AI‑based analysis in a single pipeline, delivering a malware report in under sixty seconds. On benchmark sets it classifies threats with 90‑95% accuracy, matching many commercial offerings. Benjamin Marais, a research engineer at Orange, notes that the tool’s sovereign code gives the company full control over the detection pipeline, enabling rapid updates without external dependencies.

The companion Merlin project uses reinforcement learning to subtly alter malware binaries, seeking variants that evade existing detectors. By rewarding successful evasion attempts, Merlin builds a catalog of modification actions that can be used to stress‑test antivirus engines. Orange is validating Merlin with French firm HarfangLab, expanding the modification library based on laboratory results.

For security teams, the combined tools highlight the need for detection layers that go beyond static signatures. Defenders should prioritize behavior‑based monitoring, regularly update threat‑intelligence feeds, and incorporate adversarial sample testing into their validation cycles. Practical steps include enabling alerts for MITRE ATT&CK technique T1055 (process injection), deploying sandboxing for unknown files, and subscribing to Orange’s Maldive updates once the prototype moves to production.

Looking ahead, Orange plans to improve model explainability by 2026 and explore real‑world deployment of Maldive across its group networks.
