Malwarebytes: IObit Stole Our Signatures Database

IObit dismisses the accusations

By on November 3rd, 2009 08:56 GMT
Malwarebytes accuses Chinese antivirus vendor IObit of stealing its intellectual property and threatens to pursue legal action. Despite the solid evidence presented by Malwarebytes, IObit denies any wrongdoing and plans to respond through its lawyers.

Malwarebytes Corporation is a US-based company developing several security-oriented applications. Its flagship and most popular product is called Malwarebytes' Anti-Malware (MBAM), which comes in both free and commercial flavors and is particularly renowned for its ability to remove rogueware.

In a post published on its official blog yesterday, Malwarebytes takes aim at IObit for allegedly stealing its signatures. "Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software," the company announces.

It all started with a report that the IObit Security 360 application detects a Malwarebytes' Anti-Malware key generator as Don’t.Steal.Our.Software.A, a name specifically created and used by Malwarebytes. "Why would IOBit detect a keygen for our software and refer to it using our database name?" the company asked.

In order to put their suspicions to the test, Malwarebytes researchers crafted a dummy malware sample and an accompanying signature, which they called Rogue.AVCleanSweepPro. Under normal circumstances, this sample shouldn't have been blocked by any other product rather than MBAM, but after about two weeks, IObit started detecting the fake file under exactly the same name.

In addition, Malwarebytes also created a benign file and modified it to particularly match their definition for a real piece of malware called Adware.NaviPromo. No antivirus product out of the 41 ones listed on VirusTotal detect this dummy file, but IObit Security 360 does, again using the same name.

The accusations don't stop here and Malwarebytes even goes as far as to say that "During the course of our investigation, we uncovered additional evidence that IObit may have stolen the proprietary databases of other security vendors as well." The company demands that IObit removes the allegedly stolen signatures from its database and for its software to be unlisted from software download sites for terms of service violations.

IObit dismisses Malwarebytes' allegations and describes them as "malicious rumors for hyping itself." The vendor explains that its malware samples came from many sources, including independent ones and that under these circumstances, it’s hard to avoid errors such as name duplication.

"For the sake of avoiding dispute and possible problems, we have deleted all disputed items in our database temporarily, and have updated IObit Security 360’s database," it says. The company also notes that it is currently investigating the signatures declared stolen by Malwarebytes and plans to release a legal statement later today in order to prove that no intellectual property theft has been committed.

Note: Softpedia did not receive any official request from Malwarebytes to remove IObit's software from its website. We plan to contact both companies for additional clarification and we will update this article as more information becomes available.

Update: Softpedia has decided to temporarily remove the download links to IObit Security 360 from its website until this whole situation is resolved.

IObit has updated its original public statement with a "technical analysis report," which Malwarebytes has again rebutted. You are invited to read our exclusive interview with Malwarebytes' CEO Marcin Kleczynski for additional information.


Photo Gallery (5 Images)

Gallery Image
01
Gallery Image
02
Gallery Image
03
Gallery Image
04
Gallery Image
05

19 Comments