The Blue Termite malware campaign also name by the names Cloudy Omega/ Emdivi has targeted hundreds of Japanese organizations since its inception in 2011. According to Kaspersky, the malware is Chinese in origin. The C&C infrastructure is located in Japan, the primary target of the campaign. In a November 2014 report, Symantec indicated that the group might share communication channels or attack infrastructure with the Hidden Lynx APT group.

Over four years, the malware has stolen confidential information from government agencies, universities, public interest groups. financial institutions, media organizations, automotive companies, chemical organizations, healthcare firms, electrical companies, real estate firms, technology firms, and other critical infrastructure organizations. The majority of the targets were based or located in Japan. Blue Termite is also allegedly responsible for compromising the personal data of 1.25 million Japanese citizens in a breach of the Japan Pension Service.