Welcome Guest ( Log In | Register )

Forum Announcement

Please keep your account's email current. http://lowy.at/chgEmail

Outline · [ Standard ] · Linear+

> IOBit Steals Malwarebytes' Intellectual Property

views
     
TSBlueWind
post Nov 3 2009, 11:43 AM, updated 13y ago

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



Interesting news...

Seems like it's time for me to uninstall IOBit. Heh

http://www.malwarebytes.org/forums/index.php?showtopic=29681

QUOTE
Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an indepth investigation, we became convinced it was true. Here is how we know.

We came across a post on the IOBit forums (cached version, since they have now deleted the original) that showed IOBit Security 360 flagging a specific key generator for our Malwarebytes' Anti-Malware software using the exact naming scheme we use to flag such keygens: Don't.Steal.Our.Software.A.

Dont.Steal.Our.Software.A, File, G:\Nothing Much\Anti-Spyware\Malwarebytes' Anti-Malware v1.39\Key_Generator.exe, 9-30501

Why would IOBit detect a keygen for our software and refer to it using our database name? We quickly became suspicious. Either the forum post was fraudulent or IOBit was stealing our database.

So we dug further. We accumulated more similar evidence for other detections, and we soon became convinced that this was not a mistake, it was not a coincidence, it was not an isolated event, and it persisted presently in their current database. They are using both our database and our database format exactly.

The final confirmation of IOBit's theft occurred when we added fake definitions to our database for a fake rogue application we called Rogue.AVCleanSweepPro. This "malware" does not actually exist: we made it up. We even manufactured fake files to match the fake definitions. Within two weeks IOBit was detecting these fake files under almost exactly these fake names.

We can't publicly show all the evidence we found, because it is still our intellectual property: proprietary information about our database internals. But we don't want you to have to take our word for it either, so we found a way to show you an example illustrating an indisputable pattern of theft.

Consider the file, "dummy.exe". It is a harmless dummy executable that runs, displays a "Hello World" message box, and exits. You can see from third-party scans on VirusTotal, that no other security vendor flags this executable as malicious or even suspicious.

We created this dummy executable, then manipulated it slightly so that it matches one of the signatures in our database. We emphasize that it is still not malicious! -- the signature is perfectly benign, when not in the context of actual malware, as you can see from the VirusTotal results.

We scanned the file with our own Malwarebytes' Anti-Malware software and indeed it was flagged as "Don't.Steal.Our.Software.A". We scanned it with IOBit using their current build and database version and it was flagged as the same "Don't.Steal.Our.Software.A". We have included their log file and a screenshot of the detection. You can verify by yourself using the dummy executable and their most recent database.

We have attached two other such dummy executables to this post, so you can see for yourself. One of them, "rogue.exe", matches our fake Rogue.AVCleanSweepPro (screenshot) definition, the other "fake.exe", matches an Adware.NaviPromo definition (screenshot). VirusTotal results for "fake.exe" and "rogue.exe" so you can see they are benign. You can see a screenshot of our detections here.

During the course of our investigation, we uncovered additional evidence that IOBit may have stolen the proprietary databases of other security vendors as well. We are in the process of contacting these vendors.

Malwarebytes intends to pursue legal action against IOBit. We demand IOBit immediately remove all traces of Malwarebytes' proprietary research and database from their software. We also demand IOBit be delisted from Download.com due to Terms of Service violations. This is criminal: it is theft, it is fraud, and we will not stand for it.

What can you do to help? If you feel the same way we do about this theft, we encourage you to send an email to hosting services such as Download.com and Majorgeeks.com requesting that all IOBit software be removed.

reconter
post Nov 3 2009, 11:46 AM

Getting Started
**
Junior Member
76 posts

Joined: Jun 2008
what a news...
TSBlueWind
post Nov 3 2009, 12:31 PM

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



Still awaiting for IOBit's explanation though and we will see.
netmatrix
post Nov 3 2009, 12:39 PM

The machine... it sees everything.
*******
Senior Member
5,972 posts

Joined: Jan 2003
From: Zion


IOBit? What the hell is that software? hahaha. Never heard of it. Lucky never heard of it. This news is like showing there are freeloaders out there.
cybpsych
post Nov 3 2009, 01:29 PM

---------------------
*********
All Stars
55,422 posts

Joined: Jan 2003
Declaration from IObit

http://blog.iobit.com/archives/95.html

QUOTE
We have never used the database of any other companies. And hope Malwarebytes stop spreading malicious rumors for hyping itself. The ridiculousness: who will trust and depend on a security product that can NOT even protect itself?

A legal letter will be released later, which will prove that there is no problem with Intellectual Property Rights.

For the sake of avoiding dispute and possible problems, we have deleted all disputed items in our database temporarily, and have updated IObit Security 360’s database.

Our database is from the online submission form: http://db.iobit.com/deal/sdsubmit/index.php

We also have many various sources of malware samples from warm-hearted users, computer security fans, and major security groups from all over the world. We have admitted that it’s hard to avoid mistakes, like a silly or duplicated name. But there is in no way means we steal Malwarebytes’ or any other’s database. We are invetigating and tracking on those items which Malwarebytes declared stolen.

We have so many independent and objective reviewing tests and reports; everybody can download and view from the link: http://forums.iobit.com/forumdisplay.php?f=25. We believe that, after viewing these test report, you can judge that if we steal database from Malwarebytes.

Thanks for the always support of IObit users.


This post has been edited by cybpsych: Nov 3 2009, 01:30 PM
easyzuddin
post Nov 3 2009, 04:46 PM

Amor Gigante
****
Senior Member
539 posts

Joined: Jan 2007
From: Cuba


don't be to lame to accused other by hearing voice from one side. I've known before that MB team behavior like to trap others to fulfill their business target.
xixo_12
post Nov 3 2009, 04:59 PM

i!Retired!i
*******
Senior Member
7,318 posts

Joined: Nov 2006
From: Pulau Sipadan

QUOTE(easyzuddin @ Nov 3 2009, 04:46 PM)
don't be to lame to accused other by hearing voice from one side. I've known before  that MB team behavior like to trap others  to fulfill their business target.
*
please show the sources to support your statement. Refrain yourself to talk when there is no evidence smile.gif
TSBlueWind
post Nov 3 2009, 05:26 PM

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



Not surprised with IOBit's explanation, but the news is spreading fast lol
xixo_12
post Nov 3 2009, 05:32 PM

i!Retired!i
*******
Senior Member
7,318 posts

Joined: Nov 2006
From: Pulau Sipadan

Not explain well in why Iobit detected same name as MBAM fake file..
easyzuddin
post Nov 3 2009, 06:41 PM

Amor Gigante
****
Senior Member
539 posts

Joined: Jan 2007
From: Cuba


talking about evidence like the upper dude asking for, just think how come they know IObit using others security vendors... maybe they to using others database and how come those who like to use keygen to activate their software get "Don't.Steal.Our.Software.A". Isn't it called a trap? . Even their security database can be read though they are the security software developer. So anybody can steal and manipulate it. tongue.gif

This post has been edited by easyzuddin: Nov 3 2009, 06:46 PM
xixo_12
post Nov 3 2009, 07:15 PM

i!Retired!i
*******
Senior Member
7,318 posts

Joined: Nov 2006
From: Pulau Sipadan

since you can't provide evidence. So better you stay in silent mode, before you could lead to incorrect information.

better u get some read, and talk based on fact. I don't want to argue about it.
fenzodahl512
post Nov 3 2009, 09:18 PM


Group Icon
Elite
1,089 posts

Joined: Jun 2008
I'm very surprised reading this news as I really felt IOBit is a good software.. So I run a test..

I download the dummy.exe from MBAM and download a fresh IOBit program.. I DID NOT update the signature as I want to make sure whether the old database actually detects it..

user posted image

Well, picture tells a thousand words..

Next I download a fresh MBAM and again DID NOT update their database..

user posted image

See.. The very-very-very similar detection? sorry IOBit, but the allegation is sound..


Added on November 3, 2009, 9:44 pmhttp://cc.bingj.com/cache.aspx?q=%22http+forums+iobit+com+showthread+php+t+3325%22&d=4975839906562687&mkt=en-US&setlang=en-US&w=cef7093a,c4461288

user posted image

Credit to Amazing Andrew at Bleeping Computer..

Now, why would IOBit detects Malwarebytes' keygen as "Dont.Steal.Our.Software.A" ?? Malwarebytes' IS NOT THEIR SOFTWARE...

And since the post as early as July, we don't know how long IOBit has practising this kind of "piracy".. doh.gif doh.gif

This post has been edited by fenzodahl512: Nov 3 2009, 09:45 PM
TSBlueWind
post Nov 3 2009, 09:46 PM

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



Yeah, I thought so too. It is a nice program with nice interface on it but as far as the evidence and the explanation is presented from both sides, things don't look good for IOBit. Notice that IOBit did not explain about the detection and instead they diverted the attention to their independent test reviewers and reports. doh.gif
SUSanembor
post Nov 3 2009, 09:58 PM

Getting Started
**
Junior Member
69 posts

Joined: Oct 2009


Oh my, who wrote for IOBit? It was awful.
UnknownH
post Nov 3 2009, 10:08 PM

Enthusiast
******
Senior Member
1,424 posts

Joined: Mar 2009
From: ME TO YOU



never heard of iobit before tongue.gif
but this is a shocked news..
fenzodahl512
post Nov 3 2009, 10:10 PM


Group Icon
Elite
1,089 posts

Joined: Jun 2008
Ah.. got user posted image.. I try again

see? why on earth IOBit detects Malwarebytes' keygen as "Dont.Steal.Our.Software.A" ?? Its very very obvious isn't it? Malwarebytes' IS NOT IOBit software lol..

Very shame on them.. doh.gif rclxub.gif

This post has been edited by fenzodahl512: Nov 3 2009, 10:11 PM
trifecta
post Nov 3 2009, 10:53 PM

Casual
***
Junior Member
495 posts

Joined: Nov 2008
From: Sri Petaling



No surprise, be it software, car maker etc from China are good at stealing everything from design, codes etc.

Reminds me of the case Huawei stole Cisco's IOS, and yet denied it despite being shown prove etc.
TSBlueWind
post Nov 3 2009, 11:54 PM

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



QUOTE(fenzodahl512 @ Nov 3 2009, 10:10 PM)
Ah.. got user posted image.. I try again

see? why on earth IOBit detects Malwarebytes' keygen as "Dont.Steal.Our.Software.A" ?? Its very very obvious isn't it? Malwarebytes' IS NOT IOBit software lol..

Very shame on them..  doh.gif  rclxub.gif
*
KANTOI! I'm quite surprised that this happened long time ago. laugh.gif

It gets more and more interesting, I will keep a close eye on it.
xixo_12
post Nov 4 2009, 11:29 AM

i!Retired!i
*******
Senior Member
7,318 posts

Joined: Nov 2006
From: Pulau Sipadan

Dont.Steal.MBAM.Software.A << supposely, Iobit forgot to change.. doh.gif laugh.gif

This post has been edited by xixo_12: Nov 4 2009, 11:29 AM
TSBlueWind
post Nov 4 2009, 04:56 PM

Sianzation
*******
Senior Member
2,886 posts

Joined: Jan 2007



Twist and turn~

http://blog.iobit.com/archives/95.html
QUOTE
2. Until now, Malwarebytes cannot provide any convincing proof to support its fallacy. We hope Malwarebytes immediately stop spreading malicious rumors for hyping itself. We have many independent and objective reviewing tests and reports from users. You can download and view them from this link: http://forums.iobit.com/forumdisplay.php?f=25. We believe that, after viewing these test reports, you can judge - we never stole database from Malwarebytes.


If cannot provide convincing proof, why are they making such accusations? Wouldn't that be doing more harm than good for them? doh.gif

Going on further down..

QUOTE
Actually, this is a mistake that one of our analyzer carelessly and directly used the sample “Don’t.Steal.Our.Software.A.” submitted by the user.

Carelessly? Mistake? Blaming on the automated analyzer? If it's that careless and has so many flaws, why don't fix it? Until when issue arises then keep blaming the useless analyzer ah? rclxms.gif

2 Pages  1 2 >Top
 

Change to:
| Lo-Fi Version
0.0245sec    0.62    5 queries    GZIP Disabled
Time is now: 1st December 2021 - 08:19 PM