14 DAY TRIAL // Malwarebytes started to deliver notifications to users of the paid versions of Anti-Malware regarding the legitimacy of the purchase, offering free one-year licenses even to those who obtained an illegal copy of the product.
The program is called Malwarebytes Amnesty and is the result of a far from optimum license key generation algorithm adopted a long time ago.
Although the mechanism was appropriate for producing a smaller number of unique serial numbers, it is completely inadequate for the current sales the company makes, and the risk of collision is high.
Pirates and victims of scammers get legit keys
Marcin Kleczynski, CEO and founder of the company, explains in a blog post published over the weekend that Malwarebytes has simply outgrown the initial plans and adopted a new licensing system that is currently rolled out in stages.
The first step is to collect data from clients and check the keys that are still active and who is using them. Because of the improper generation system, the same code may be assigned to both a pirate and a customer that paid for the product.
“If you are a true pirate, the furthest you will get is a year's worth of Malwarebytes. I wish we could handle each of the keys manually and determine if they are legitimate, but there are tens of millions of them and so we've automated the process a bit to cut them down. After that cut down, which is when a user selects an option, we will be going through the uses manually,” Kleczynski says.
Another reason behind this is that some customers may have been duped into paying for an illegal copy of the product. Such a case was recorded last year, when a US-based tech support scammer sold the same key for Malwarebytes Anti-Malware Premium more than 2,400 times, getting $99 (currently €90) each time, making at the time more than $231,759 / €172,470.
Offer delivered in the product, honored without verification
The company is currently scanning for illegal copies of the product and asks users how they got their software.
One option is “I’m not sure where I got my key, or I downloaded it from the Internet,” and selecting it generates a legitimate key that works for the Anti-Malware version for one year, no other questions asked.
The other option is “I purchased my key” and picking this result is replacing the original serial number with a new one.
Kleczynski says that if anyone feels cheated about buying the software (since pirates now get the same benefit for free), the company would be happy to throw in free shirts or a free copy of Anti-Exploit ($24.95 / €25.54).
