Malware
POISONPLUG
aka Barlaiy
According to FireEye, POISONPLUG is a highly obfuscated modular backdoor with plug-in capabilities. The malware is capable of registry or service persistence, self-removal, plug-in execution, and network connection forwarding. POISONPLUG has been observed using social platforms to host encoded C&C commands.
Family metadata imported from Malpedia (Fraunhofer FKIE).