Threat Actor Profile

APT41 is a highly sophisticated and very active Chinese state-sponsored advanced persistent threat (APT) group. It engages in both cyber espionage and financially motivated cybercrime. APT41 is known by numerous aliases, including Barium, Wicked Panda, Wicked Spider, Double Dragon, Blackfly and Bronze Atlas, as identified by cybersecurity firms such as FireEye and CrowdStrike. APT41 uses Winnti malware and shares lineage with the broader Winnti umbrella of Chinese cyber actors, but the two are not the same group. The group’s motivations are multifaceted: information theft and espionage for state interests, financial gain through cybercriminal activities, and potentially sabotage.