Malwarebytes claim: IObit is stealing signature databases

The flip side to that is that every program had to start somewhere.
And curiosity gets the best of some us on occasion.

 

What a bunch of bollocks is that ?
Does that mean noone may say something is malware unless they have been victimized by it themselves ?

 

Exactly! History have sawn that Public Opinion ia easily manipulated.
In Mid-ages a rumor that a innocent woman was a witch, would usually had as result to be burnt alive!

I have read it. But I prefer to investigate further or at least wait, before making a judgment.
Haste is never a good companion to reason.

That said I do agree that iobit, have being caught stealing... big time...

Panagiotis

 

don't think much more will happen from here on in, IObit can't really come up with any more Logical explanations/excuses etc. they will probably start to disappear and website eventually go down.

 

i doubt it since they have many other products as well, maybe just their IObit 360 part.

 

No...you misunderstood....WOT ratings and WOT comments are two different things. Ratings can only be left by people registered, with an account who are using the WOT software. This means using the slider things to rate a site on each of the categories.

The comments are there to describe why they think a site is bad but it does not affect the site rating. I didnt mean to say only people using the scam software can rate the site.

 

Lets say for arguments sake they dumped the IObit 360 part and kept the other products and site going.

How long do you think they could put up with people constantly bashing them?
Their reputation has gone and spreading. Their products are starting to be removed from all over the net, so their sales are gonna be next to nothing. IObit's days are numbered.

 

Hi everyone,
I'm new here (as most of you can guess) and more the reading type.

I've been following this since yesterday when first came across the post in Malwarebytes' blog.

I want to ask a question - please don't laugh at me about this, I'm not that tech savvy.
In the 3rd paragraph from the bottom of the original Malwarebytes' post (blog) it says: "… we uncovered additional evidence that IOBit may have stolen the proprietary databases of other security vendors as well…”.
And this statement was repeated today in the forum.
How can Malwarebytes’ identify which defs in the database is of which vendor (beside its own)? I mean, since the various security vendors are rival companies, how can one have specific knowledge of another’s defs? And I'm not reffering to the common ones.

 

well Comodo seems to still be up and running with their free products... but thats for a different discussion that we wont start here.

 

Panagiotis I can understand your point of view. I however made a choice to post my comment on WOT, because I personally believe the argument MBAM had brought forward was valid. The response of IOBIT was a joke. Banning members deleting posts didn't help. I don't believe there is or was a global conspiracy instigated by MBAM to tarnish or destroy the reputation of IOBIT.
I made this choice, after looking at the evidence available to me.

~Off topic comments removed.~

 

Honestly it does not matter the outcome for me, just the way that this was handled by Iobit is enough for me not to trust them anymore. Their is definitely foul play involved but for me their lackadaisical reply and some other unbelievable comments by admins on their forum is just to shady, too much like they are afraid to say something definitive or do not have much to say at all.

 

They cannot have specific knowledge. Unless they reversed engineered iobits database and the database of the other vendors (which is illegal...).
Probably the have confronted the online databases (iobits and other companies) malware names, and they found a lot of equal names.

And this is the reason that MB made a "trap fake-malware".

ps. I hope that they did not reverse engineered iobits, because if they did the whole issue gets alot more complicated...

Panagiotis

 

i never said anything about their toolbar, but lets leave it at this since this isnt the thread for it...

 

intire threads deleted

http://forums.iobit.com/showthread.php?t=4826 Iobit has now moved up to deleting threads on their form.......... when will the madness stop!!!!!!!!

 

Thought this was interesting, I had not heard of this before. Can't say I am surprised though:

http://blogs.computerworld.com/15026/iobit_accused_of_stealing_from_malwarebytes

 

Malwarebytes really has quite alot forum posts everywhare nearly at every security forums. After all, both Malwarebytes & IOBit will be killed, slowly, by the successful of Microsoft Security Essentials, together with other small players.

 

Update on this topic ..

More on this topic plus screenshots – CNET News - http://news.cnet.com/security/

 

Saw this in that story-

Does this explanation hold much water? Seems like if a malware were submitted to Iobit there would still have to be some confirming the submission was not a false positive- even if it was flagged by another vendor. There would have to be some oversight between the submission and actual entry of the sig to Iobit 360.

 

Well the problem with that explanation is that someone would have to actually have the file so they could scan it, realise MBAM could detect it and IObit360 couldn't, then submit it.

But the MBAM team never released the file to the public.

What few excuses we are getting from IObit are immediately thrown out of the window due to the evidence supplied by the MBAM team.

 

Just because IOBit will be killed doesn't mean to say Malwarebytes will also be killed. since when has microsoft been able to provide bullet proof security on pc's? there will always be market for other security apps.

MOST IMPORTANTLY.I just wanna say. I have noticed people bashing china on various forums. STOP thinking and acting with your emotions. this does not mean to say that all chinese vendors are evil, good remarkable original products have come from china. So please lets not get into the mindset that all chinese vendors are untrustworthy.

 

Ahh, besides not publicing it to the public they also covered every scenario

MBAM, planned it very well. They must have had some scenario's ready depending on IOBits's reaction of their first claim, as explained in MBAM's follow up post and follow up proof http://www.malwarebytes.org/forums/index.php?s=&showtopic=29772&view=findpost&p=153225

A new - new combo can slip through (not analysed by a IObit person, submitted by a IObit customer), although normally AV/AS comanies are keen on bragging new-new combo's on their blogs, but these combination is so unlikely to be submitted by a client (becuase it involves classifying the new samples)

a) the new variants have not been referred to in the wild before MBAM own follow up post (as Fuzzy pointed out)
b) a fake new class name for an existing signature (exact match)
c) a fake new signature was made for an existing class name (exact match)

Somebody (a person) at IObit should have noticed, classifying them, while an automated classification process should not make such a mistake

 

How does IObit get signatures from MBAM that were never released to the public? Is this MBAM database somehow accessible from the outside? Or is MBAM suggesting this was an inside job- someone inside MBAM sending the signature database to IObit?

 

No these signatures where hidden fonies in the data base (poisened trap), which were reversed engineered by Iobit, besided the time element they covered all combo's which more or less prooves an automated reverse engineering process.

When you are not having a pure "in the cloud AV/AS", you update/download the blacklist data base on your PC's harddisk every day, when you know how it is structured (what field names are in it, in what format), you can reverse engineere it and 'read the info'. So it is not nessecary an inside job.

Regards Kees

 

in 5-10 years when 64-bit becomes the main stream there will probably be a 128 bit and all security vendors will then have apps for 64 bit but not 128 bit ? that's what I think will happen .