Malwarebytes accuses rival of software theft

Malwarebytes is accusing China-based computer security firm IObit of intellectual property theft, but IObit denied the allegations and said there were problems with its malware submission site.

Malwarebytes claims IObit stole from its database of signatures of malicious applications that its software uses for detecting malware on customer computers.

Malwarebytes discovered that IObit's Security 360 free anti-malware software was flagging a specific key generator piece of code for Malwarebytes' Anti-Malware software and using the same naming scheme, which includes the phrase "Don't Steal Our Software," according to a blog post on the Malwarebytes.org site.

This screen shot shows IObit's product uses the same naming scheme as Malwarebytes.org.

(Credit: Malwarebytes.org)

After finding additional evidence, Malwarebytes conducted a test and added fake definitions for a fake rogue application to its database of malware. Within two weeks, IObit was detecting the fake files and using "almost exactly" the fake names, Malwarebytes said.

"We soon became convinced that this was not a mistake, it was not a coincidence, it was not an isolated event, and it persisted presently in their current database," the blog post says. "They are using both our database and our database format exactly."

Malwarebytes, which said it uncovered evidence that IObit may have stolen proprietary databases of other security vendors as well, said it plans to pursue legal action against IObit

IObit denied the allegations, saying it was a "mistake," and accused Malwarebytes of spreading "malicious rumors."

IObit said it would soon release a legal letter an explanation about the technical aspects that proves its case. In the meantime, IObit temporarily deleted all disputed items in its database to avoid "dispute and possible problems" and disabled its malware submission page, the company said in a blog post.

Basically, someone submitted samples with the name used by another vendor, the post says.

"Unfortunately, IObit database analyzer carelessly used the names provided by the submission. This mistake can be understood because it is very normal--Many enthusiastic IObit users find there are samples missed by IObit Security 360 but detected by other anti-malware products, then they would submit these samples to us and provide names defined by other anti-malware vendors."

"There are holes and problems with IObit malware submission procedure and database management," the post concluded.

Malwarebyte's found that IObit's product detected the fake malware Malwarebytes put in its database as a test.

(Credit: Malwarebytes.org)

[deegrin]

What the... I've been using iObit for a long while! I'm kind of a fan of it... wonder what's going to happen now.

[Derike]

I am a long time user of IOBIT, it's a respective company which really listen to his custom, this make iobit develop so fast moved the status of MBAM, so I can understand why MBAM planned attack

[coprophilous]

Huh?

'huh"?

Derike
Member since:
November 3, 2009

Do the math

[Spywarekilla]

Wow Derike... unintelligible English combined with a brand new CNET account. Bet you thought you had us fooled, huh? You're defenitely not a "representative" from Iobit, right?

[cloudmatt]

lulz @ IObit fail

really tho why can't all the anti spy/vir get together join hands and make the web a better safer place for all. I doubt the definitions of these computer threats are too different from one another as is and I always believed that the engine that uses the deff is far more important than the deff it's self. Goofy concept I know see who can write the most powerful/low resource/effective scanning engine and go off a global DB of all known vir/mal/etc. for the deffs.

but hey I'm the crazy guy who can't understand why every one keeps buying the same madden game every year when web content could update the player list year to year.

[Been_there_Saw_it_before]

With concocted hassels like this the malware makers are laughing their hinnies off and taking notes on what is being detected (and how well) and what they can do to escape detection.

Work together you guys. Make a product that combines your talent.

[pentest]

The almighty dollar is more important than anything else.

Rule #1 in our fascist world.

[interestingornot]

Ha-ha, that is exactly what I want. Just imagine: a most powerful program with the biggest definitions in the world, so wonderful.

Cheers, cloudmatt, you really have a great concept. Is any one in security field having this concept? Then all of us will be lucky. We will no longer compare these so-so products. We will not care which is much better, because we have the strongest one.

I have an interest in IOBIT. If they can "steal" the definitions of MBAM, they must have a very very strong "R&D". At this time, I am wondering, why they didn't change the name or description after they borrow MBAM's data but let it as the same as MBAM's. I suppose this must be a very simple thing for them. As everyone has mind should admit that this is definitely will become evidence in such cases. So I think this issue is very interesting now.

[redmarine]

People don't understand the term peace. Peace means politics and money meaning no love and when that doesn't work out all hell breaks lose.

Anyway, why use crapware when you can get Microsoft Security Essentials, Avira, Avast and a ******** of quality free software instead? :P

[pentest]

MSE is crapware.

[Kaixi]

MSE is a fantastic antivirus. Obvious troll is obvious.

Now IOBit is posting a sample of live malware to prove their point. Bad move, IMHO.

[pcdocwi]

MalwareBytes created fake definitions for a fake rogue that does not exist, so how could IOBit's users have submitted files that would have detected that rogue? They could not.
Your busted, IOBit.

[jlopezcnet]

This is unacceptable and should be followed up with felony criminal charges. If a person can get 5 years prison for downloading music, then employees in this company should get comparable charges as well.

I am so sick of big companies doing criminal activities and only getting slapped with fines. The average citizen gets jail time for downloading a song ON TOP OF getting a fine.

[no-bs-just-the-facts]

There will be no charges, companies in China are given free reign to steal US technologies. China declared economic war on the US years ago but our government turned a blind eye to it while accepting Chinese loans. Now and for many years to come it is time to pay the piper.

[pjk0]

Another Chinese company committing FRAUD to make more profit?!?

SAY IT ISN'T SO!!!

[shinji257]

IOBit is stealing from a company that provides their anti-malware software for FREE. You can get a better version for a price but I have found that the free version does a very good job for those of us that run manual scans on an as needed basis.

Oh and Malware Bytes isn't the first company to plant fake "tracking" definitions in their sets. I do think that Norton and McAfee does the same thing.

[Imalittleteapot]

This just ticks me off. I love Malwarebytes. Do your own work IObit . You've been busted.

[vivienkki]

I am a fan of IObit for a few years. It?s hardly to believe the situation is true. I use both Malwarebyte and IObit Security 360 currently, most of time, I found IObit Security 360 can scan more malwares, adwares, Trojan, etc than Malwarebyte, so I still doubt that how IObit steal Malwarebytes? data? Malwarebyte has no protection for its critical information?

[Spywarekilla]

What a coincidence that your only reviews are of Iobit products, huh?

[The_Farm]

Derike above and vivienkki here have posted the exact same messages on softpedia. This shows how low IOBit is willing to stoop. Its clearly a company thats not to be trusted.

P.S. They didn't even bother to post in correct english.

[bryan_m]

Guys,
compare IObit's threat submit service design http://db.iobit.com/deal/sdsubmit/index.php with www.spywarevoid.com
They've stolen the design too!!, now I believe they're thiefs.

[calebstein]

***! The only similarities are the background colors. So basically, what you are saying is that if I made a malware submission site with a black background and white forground, you would accuse me of stealing spywarevoid's design?
Oh, and by the way, how do you know that spywarevoid didn't steal IObit's design?

[Rayquaza_384]

I really loved all the products that Iobit offers. I was really shocked about this news. I really can't believe it. Hopefully they will resolve this issue soon.

[Yelonde]

Not to be racist or anything, (and I will admit that I am korean), but many asian companies still have a lot of issues with intellectual property and copyright law.

[andeyejah]

Well it's the chinese after all what do you expect they rip off absolutely everything!.I don't buy chinese products at all and my life and pocket are all the better for it!.

[chronoboi001]

With IObit's response, which is to delete threads & topics regarding this issue, I feel more trust to Malwarebytes. Why would IObit have to delete those posts if they aren't guilty? Odd.

[danc2heaven]

The world needs to wake up to the espionage of Chinese companies around the world, especially America which has naively turned a blind eye to it. The Chinese have the largest espionage campaign in the world against America, it's no wonder they have progressed so quickly, who needs to spends billions on research and development when you can just steal it from another country and save all your time and money. I have read some articles about how this is done here,
http://www.pbs.org/wgbh/pages/frontline/shows/spy/spies/
also a blog here
http://spkntruth.blogs.experienceproject.com/
What is really funny is on top of this I recently read a story about how Chinese authors and all in the Chinese news are condemning Google for violating copyright because they scanned some Chinese books. The pirate capitol of the world is complaining about a few of their books being scanned, if that is not the biggest form of hypocrisy I don't know what is.

[inachu1]

You are misleading in your post. Yes China may have hte largest but it is not the most successful.
The most successful is the mossad posing as toy helicopter employees and roaming art students.

[rdc1253]

Its Chinese. I'm suprised theres not lead paint in it too.

[inachu1]

Now I see why MAB was slow in updates as they were fighting this company.

But if IOBIT is telling the truth then would there be some future legalese similar to the following:
"By submitting malware samples you agree not to submit the same sample to other software companies." I would say I can submit my trojans to whom ever I want as often as I want.

Anyway I stopped using them. For the past month MAB found nothing whereas combofix found 30 infections.

[hammers1986]

Nuff said. You do realise that ComboFix is not for private use. Can't you read the disclaimer in bleepingcomputer link for ComboFix?

I used to like Advanced WindowsCare until they stopped that and released Advanced SystemsCare and I didn't like them after that with the continous nagging saying "If you buy the PRO version, we can improve your internet, speed and performance by 300%!" Yeah right, sounds like a con to me. And now IObit caught with their pants down having fake samples that doesn't exist in the wilds. Pretty conclusive if you ask me, even Columbo holding his fat cigar, squinting would say "Oh, just one more thing."

[ozzyfan75]

Iobit didn't just ripoff Malwarebytes, they falsely claimed that Iobit Security 360 was featured in Bizjournals, AOL, Reuters, HooVers, and Forbes. When you do a search on any of those websites, nothing concerning Iobit Security 360 can be found. Also, if you look on Iobit.com, there is no information provided as to the location of the company. Why would they not want people to know where they are located? Check the grammar and spelling on the website. If they were a professional company, they would have someone who could speak and read English well and able to proof read the website. Sometime on Nov. 3, Iobit removed the icons for Bizjournals, AOL, Reuters, Hoovers, and Forbes. I think it is easy to come to the conclusion, that Iobit cannot be trusted.

[dreamer_2oo8]

HERE IS WHERE THEY ARE LOCATED DOH DOH HEAD.

IObit
1st floor of 8th building, No 16, Lansiduan, Erhuanlu
High-tech R&D district
Shanghai, 200000
CN

[jcisio]

I second this.

On the IObit Pressroom, I see ?CNET Editors' Choice Apr 09? http://www.iobit.com/pressroom.html#award (backup here http://ms.thongtincongnghe.com/upload/Image/0911/29/iobit-award-fake.png) and I can't not find this on CNET. Only Malwarebytes has this award. Look at their download pages:
http://download.cnet.com/IObit-Security-360/3000-8022_4-10967594.html
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

They rip the award logo from MBAM. I can't say anything more! CNET, still host their download?

[TheTiredGuy]

Why would anybody put software from a communist country on their computer, anyway?

[Nexus6]

Just about everything we have in this country comes from China, just look at the tags on most items. This has nothing to do with being a Communist, this has to do with being a criminal.