Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 19:44:41 UTC
Home > List all groups > List all tools > List all groups using tool Barlaiy
 Tool: Barlaiy
Names
Barlaiy
POISONPLUG
Category Malware
Type Backdoor
Description
(Microsoft) Initial intrusion stages feature the Win32/Barlaiy implant—notable for its use of
social network profiles, collaborative document editing sites, and blogs for C&C.
Information
Malpedia Last change to this tool card: 24 April 2021
Download this tool card in JSON format
All groups using tool Barlaiy
Changed Name Country Observed
APT groups
 APT 41 2012-Jul 2025
 Barium 2016-Nov 2017
2 groups listed (2 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=cc7c9b72-deca-4976-9110-db76a36350dd
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=cc7c9b72-deca-4976-9110-db76a36350dd
Page 1 of 1