Is IObit Security 360 too good to be true? Malwarebytes claims theft of intellectual property.

You know when you have big dreams to do something, then you hear you won’t be able to attain what you want and all your hope and dreams come crashing down around you? Well this is how I feel when it comes to security software for my computer. I am on the constant lookout for *the best* free anti-spyware security supplement for my computer. I say supplement because Avira fills the spot for main security work horse for me. For the most part, my favorite had been Malwarebytes for a long time simply because it has one of the best detection rates out there. However, recently I started using IObit’s new IObit Security 360 because it has excellent detection rates, not very heavy on computer resources, and has a much more aesthetically pleasing interface vs Malwarebytes. In fact I took a liking to IObit so much, I thought it was “the one”. Today as I was reading my e-mail, Adrian crushed my hopes and dreams by informing me about possible theft done by IObit. It seems the developer of Malwarebytes is claiming IObit is stealing Malwarebytes’ intellectual property and proprietary database:

Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an indepth investigation, we became convinced it was true. Here is how we know.

The final confirmation of IOBit’s theft occurred when we added fake definitions to our database for a fake rogue application we called Rogue.AVCleanSweepPro. This “malware” does not actually exist: we made it up. We even manufactured fake files to match the fake definitions. Within two weeks IOBit was detecting these fake files under almost exactly these fake names.

During the course of our investigation, we uncovered additional evidence that IOBit may have stolen the proprietary databases of other security vendors as well. We are in the process of contacting these vendors.

Malwarebytes intends to pursue legal action against IOBit. We demand IOBit immediately remove all traces of Malwarebytes’ proprietary research and database from their software. We also demand IOBit be delisted from Download.com due to Terms of Service violations. This is criminal: it is theft, it is fraud, and we will not stand for it.

More detail at: http://malwarebytes.besttechie.net/2009/11/02/iobit-steals-malwarebytes-intellectual-property/

Of course IObit has come out and flat denied this accusation:

We have never used the database of any other companies. And hope Malwarebytes stop spreading malicious rumors for hyping itself. The ridiculousness: who will trust and depend on a security product that can NOT even protect itself?

A legal letter will be released later, which will prove that there is no problem with Intellectual Property Rights.


Our database is from the online submission form: http://db.iobit.com/deal/sdsubmit/index.php

We also have many various sources of malware samples from warm-hearted users, computer security fans, and major security groups from all over the world. We have admitted that it’s hard to avoid mistakes, like a silly or duplicated name. But there is in no way means we steal Malwarebytes’ or any other’s database. We are investigating and tracking on those items which Malwarebytes declared stolen.

After carefully tracing and investigating the history of IObit’s database, we find that someone used the submission page which is disabled now (http://db.iobit.com/deal/sdsubmit/index.php) to submit samples with the same names from Malwarebytes. Unfortunately, IObit database analyzer carelessly used the names provided by the submission. This mistake can be understood because it is very normal – Many enthusiastic IObit users find there are samples missed by IObit Security 360 but detected by other anti-malware products, then they would submit these samples to us and provide names defined by other anti-malware vendors.

More detail at: http://blog.iobit.com/archives/95.html

Now I am not going to take sides yet until I find out more about this issue, but as it stands, to me it seems like Malwarebytes has a strong case. Too bad, too… I really like IObit Security 360.

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

38 comments

  1. Wrath6

    To let people know. IObit was and never gonna be charged since nothing was not stolen! You know how Americans are against Chinese/Asians. Anyway IObit is clean green all the negative/ fake comments you see today and onwards on forms like Cnet are from Malwarebytes fan-boys XD
    You’ll find raciest comments like: “Everyone, do not buy or use this third-rate Chinese …” -_- I mean really??! there are two sides to every story! when it comes to tech the Chinese are up there, something like an American AV would never need to be stolen lol! Malwarebytes should watch it, because what goes around come twice as harsh when it comes back. Asian tech data get stolen but there is not much fuss… Why?? Because a majority of the world speaks and listens to English. (even learning it as a 2nd language). In the end it’s up to you to use IObit or not… Don’t be too persuaded by others who are very good at crafting and emotionally adding/scaring away IObits consumers.
    never stolen never charged, only accused.

  2. Wrath6

    [@judy biris]
    ??? judy biris… Umm When software is free, you don’t enter any credit card numbers AT ALL -_-. You never get sent to a buying page when you down load FREE. ALL THAT HAPPENS IS A DOWNLOAD WINDOW APPEARS AND YOU CLICK DOWN FREK”N DOWNLOAD.
    I mean GOSSH! (nothing worse then clueless people owning a computer)

  3. judy biris

    Downloaded a FREE program from them, and guess what……. they charged me $29.95 on my credit card. I called the bank and had them refused the charge . A inves. is now going on by the fraud Div. Do not trust this co.

  4. newJason

    hmm. All of this drama is quite interseting. I have used Advanced System Care since it was a reccommended tool, daily on GAOTD. I have had nothing but luk with it. I had a slowing of my connection speed and thought it may be Avast web sheild. I went to thier support fourms and after a lot of reading, A few users were convinced that IOBIT’s 360 was conflicting with Avasts webshield. That is when I learned of the allegations from Malwarebytes. I had never used MBAM so I went to their site and read up on their claims of stolen data as it downloaded. I used malwarebytes after it downloaded and updated itself and came back clean. I don’t know if it was just me, or what, but the MBAM window, painted itself v e r y s l o w l y from the time I opened it to the time i closed it. I was not impressed with MWB’s programming, and even more put off by thier support fourms and thier blatant arrgance twoard IO BIT. There is no proof of their allegations. It’s only heresay. And the fact that they advertised setting a trap by writing a dummy.exe file that they claim IOBit’s program picked up as Malware, even though it was begnein, demonstrates that MWB is more focused on being hell bent to yell and scream at IOBIT and stir slander than to focus on it’s product, and it’s users well being. I mean, comon. How much effort have these guys put into thier product vs. the effort they have put twoard IOBIT. If MWB was smart, they would use this whole mess as an oportunity , and partner with IOBIT and make better sofware for both companies, and for the millions who use their products. IOBYTES would be the resulting of the two giants who saw the greater good. This is a golden opportunity for them to come together and be unified and grow for the good of everyone. It’s a pitty, and I think they(and alot of us) are too short sighted to see that.

    Oh, and BTW.
    No proof could be found that Advanced System Care and Avast were conflicting in a negative way as to impact the users internet connections. There is a lot of speculation, but that is all. I am very Impressed with the People who moderate the Avast communities fourms. They are very helpfull to anyone, an avast customer, or not. And they do not predjudice anyone or anything before knowing all the facts. Even then, they are very open minded.
    As a side note: I found that my internet connection speed doubled when my display was set to a higher resolution than 800×600. Off topic, i know, but interesting , none the less.

  5. jhames

    @jumbi: i have heard this debate on so many sites and it is not hard for me to believe there might have been some kind of theft.because everyone is always stealing from one another wether it is pepsi vs coke or mc donalds vs burger king.i do not condone the theft and i think it is despicable.it is ironic however that a pc security company got robbed though.maybe that is the real story here.
    kinda like stealing a gun from a police station it isn’t suppose to happen

  6. babytyger

    I bought the paid version for Advanced SystemCare & Security 360 after I trialed with their FREE version.  Couple days into the usage I got a 767 detected threats, which were supposed to be removed but still one left “Misleading.SecurityMaster AV” in the next scan.
    Few days later 767 threats (mostly registries) were detected, so I was wondering could this be their tactic in reporting false readings so that I would buy their paid version.
    I was also scanning my pc with other programs such as AVAST 5.0 Internet Secuirty, MalwareBytes & SuperAntiSpyware but none of them detected anything.
    I asked for refund & requested my bank to make a stop payment.  Avangate (reseller for IOBIT) provided the tool free 24/7 but when I called …the number is not available YET!
    Avira = Germany
    IOBIT = China??  I would not trust any intellectual products “created” by chinese (I am Asian not White). If I have know the origin of the company I would never buy in the first place.
     

  7. jumbi

    #calebstein
    thats why “stolen” is in quotes, meaning the supposed stolen stuff.
    I am not implying anything.

    And how do you explain the big difference in size?
    I cant believe that in a couple of days they re-wrote the code :-)

  8. jumbi

    Right after the recent debate with malwarebytes, there was a new version published which is a significantly smaller in size!
    (v.1 is 11.8MB while new vesion 1.2 is 7.3MB !!)
    Any ideas why this may have happened?
    perhaps they have removed other “stolen” or “Labs reported” stuff?

  9. calebstein

    Iobit did NOT steal!

    Malwarebytes admitted that it took two weeks for Iobit Security 360 to detect the fake viruses, therefore proving that someone had to have found the fake virus and submitted it to Iobit. I wish Malwarebytes would just accept that Iobit makes a better security program and would stop trying to kill Iobit’s software.

  10. MrWizard

    Mike:
    Others have addressed some of your more interesting concerns raised in post # 19 so I will focus only on the one that seemed to bother you the most, based on the number of times you brought it up.

    1)”a company which is marketing its products as pornography download accelerators

    2)* a company actively targeting harvesters of online pornography

    3) software which its own creators say is the ideal helper for downloading pornography

    You obviously are well versed in internet use and cannot possibly be unaware that a huge percentage of it is for legal pornography (I have seen the estimates but do not immediately recall them and will therefore not quote something that I cannot cite). It would seem likely, therefore, that there would be a significant demand for a product that would make accessibility easier, witness download accelerators.

    I am not aware that they can be made to selectively download pornography faster than any other material, so it would appear that it is the way the software is being promoted that is the crux of the problem. This seems to be simple marketing 101 if you will – an attempt at market expansion for a product. Not exactly a new concept.

    The fact that pornography may offend your personal sensibilities is not a justification to rail against a company which also makes many other software products which you have found useful; Unless you take a similar moral high ground stand against every company that has a peripheral product or interest or marketing gambit that also offends you. In which case the expected action would be to stop doing business with all of them. And you don’t need me to draw you a picture of results when these are taken to their extreme logical conclusion.

    Just thought a little third party perspective was in order. Absolutely no offense was intended and I hope none was taken. And remember that my comment was referable only to the single topic and not to any of your other criticisms of IObit. (Turned out longer than expected, but actually that’s expected – sorry)

    I read your posts regularly and usually glean something useful from each one, and did today as well. You research things well before posting, rather than simply spout off personal opinions as unsupported facts – a refreshing break in a sea of cacophony. (Not dotTech; just forums in general)

  11. MikeR

    Rick: I’d be a pretty darn poor false flag sailor if I went to the trouble of attacking IObit without sticking in some gushing mention of the software publisher whose products I’m really trying to push.

    Your reference to hiding in closets is silly.

    I’ve used and endorsed all IObit software since Advanced Windows Care was launched. I’ve endorsed IObit software products on various threads here ever since dot.tech started.

  12. alfran

    @16Rick:
    You are absolutely 100% right. And again in your last comment.

    It is almost frightning to see how some people overreact and love to smear and slander.

    Nobody will win when things get faked,like those ridicoulous files.

    From this there will only be loosers.

    BTW,dear MikeR….what is going on in your mind..??Please do get things in perspective again.

  13. Rick

    MikeR, I’m no IOBit fan, but your post reeks of a somewhat well-crafted anti-IOBit crusade from a non-user…not an IOBit user questioning his own choices. You do a disservice to your cause by disguising yourself that way. Come out of the closet, it’s nice out here in the fresh air.

    Personally, the slick over-prettied interface on their products combined with the overzealous promises of their software’s ability keeps me away from wasting my time with their stuff.

    Ashraf specifically pointed out that IOBit’s product “has a much more aesthetically pleasing interface vs Malwarebytes”, but in my experience a pretty facade is usually there to distract users from what’s going on behind the scenes…or they’ve blown their whole budget on making it pretty instead of effective. The most effective software I’ve ever found has also been the ugliest 90% of the time. SysInternals is a good example of ugly and effective.

  14. sa2.4

    There’s porn on this here web. I had no idea. I have used Iobit products for a few years now and their stuff usually does what it says it will do and pretty well, to my thinking. I’ll wait for the validity of
    the charge to be substantiated

  15. MikeR

    Al:

    Thanks for that post. I know it doesn’t touch directly on the specific issue, but it does add to the uneasiness IObit enthusiasts, such as myself, must now be feeling.

    In the past day or so I’ve delved into IObit’s user forums and though there’s been plenty of static, some posts have given legitimate cause for concern:

    http://forums.iobit.com/showthread.php?t=4799&page=33

    I checked out post 322. It’s valid. And it raises a serious question:

    do I really want to be associated, as a user, with a company which is marketing its products as pornography download accelerators. . ?

    There’s something distinctly wrong with a corporate psyche when this kind of sales approach is embraced in so deliberate and systematic a fashion.

    And if there’s something wrong in that respect, then the question is inevitably begged: what else may be wrong with IObit’s mind-set?

    What other practices may also be deemed to be perfectly acceptable? — and not merely in the marketing of its products, either: once one question is raised in one area, it spreads like a flash-fire to others.

    Thus. . . what else might IObit deem acceptable in the actual creation of its products?

    I’m not sure.

    But my unease isn’t helped by the fact that those behind IObit cling to an anonymity that could as well be a cover for a fiction as a fact: the use of a stock photograph on the comnpany’s “About Us” page is as blatant as it is absurd.

    Slowly, then, yet remorselessly, that flash-fire seems to be taking hold, with IObit’s troubles only deepening by the day:

    http://www.freewarebb.com/IObit-Security-360-Pro-t50236.html

    Bottom line: here we have a company in which many thousands, possibly millions of computer users, invest their trust because they’re trusting their computers to that company’s offerings.

    Yet it is also:

    * a company actively targeting harvesters of online pornography;

    * a company whose website has now managed to earn itself the distinction of a negative rating from SiteAdvisor and another negative rating from WOT;

    * a company whose “unique” malware expertise seems so inadequate its “highly skilled development team” couldn’t even properly analyse the signature strings devised by Malwarebytes;

    * a company which holds an all too obvious contempt for the truth: the excerpted review it ran on its IObit Security 360 web page —

    Forbes says:

    “Cleans up infected systems better than any product we’ve tested”

    — is a fiction because Forbes doesn’t do software reviews and so could never have written the article from which IObit says it is quoting.

    http://cc.bingj.com/cache.aspx?q=iobit+forbes&d=4631606872573747&mkt=en-US&setlang=en-US&w=7794a0b0,50d1b238

    * a company whose provenance is anything but transparent, and which bedecks its ‘About Us’ page with a stock shot from an image library;

    * a company now accused of theft by Malwarebytes.

    Like dear Ashraf, I’m not going to rush to judgment where that particular matter is concerned.

    But in all truth, the more that I look into IObit, the less that I like.

    And now, the fact that I appear to be using, and recommending to others, software which its own creators say is the ideal helper for downloading pornography, is more than enough.

    There’s just too much hard-fact evidence out there to make me feel that IObit is not a company I can trust to behave ethically: if it will lie about a non-existent Forbes review, then what lies might it say to me to persuade me to use its products?

    I’m uninstalling all IObit software, and will no longer recommend IObit or its products to anyone else.

  16. Al Bundy

    Iobit didn’t just ripoff Malwarebytes, they falsely claimed that Iobit Security 360 was featured in Bizjournals, AOL, Reuters, HooVers, and Forbes. When you do a search on any of those websites, nothing concerning Iobit Security 360 can be found. Also, if you look on Iobit.com, there is no information provided as to the location of the company. Why would they not want people to know where they are located in China? Check the grammar and spelling on the website. If they were a professional company, they would have someone who could speak and read English well enough to proof read the website. Sometime on Nov. 3, Iobit removed the icons for Bizjournals, AOL, Reuters, Hoovers, and Forbes. I think it is easy to come to the conclusion, that Iobit cannot be trusted.

  17. Rick

    Malwarebytes could have more accurately determined if IOBit was stealing by putting the fake stuff in their database but including a program update that causes their program to ignore the fake entry. That would have prevented Malwarebytes users from detecting the faked files and submitting them to other vendors.

  18. Pete

    I actually noticed that their fingerprint count fell recently (by 1000 I think)… maybe this is why.
    Well, who really knows anyway. The entire software industry stinks of stolen copyrighted material anyway.

  19. MikeR

    Ashraf:

    Thanks for the heads-up. I wasn’t aware that the two publishers were locking horns, though I had heard of some allegations flying around CNET. Unfortunately, where the latter’s concerned, the allegations seemed often to have been made by half-wits incapable of even installing anything properly, thus the various slanders about ‘this software fills your computer with junk that you can’t ever get rid of’.

    What utter tripe.

    I’m not sure why Malwarebytes has elected to go this particular route given that iObit is a well-heeled outfit and has plenty of “wiggle room” when it comes to accusations such as this: it’s not alone in taking in user feedback to update its own database.

    Of course, that practice can indeed mask software piracy — but, if it does, then proving it is going to be well-nigh impossible.

    iObit has invested some time and effort in authoring a user friendly GUI and incorporating features in its freeware version that are only available in Malwarebytes’ paid-for.

    iObit’s decision to do so wasn’t based on any charitable desire to help the needy. It was purely commercial.

    Against it, the smaller Malwarebytes could only respond by turning its paid-for version into freeware (and doing something about its aesthetic appeal.)

    Had I been advising Malwarebytes, that’s the route I’d have suggested long since, copying iObit’s own freeware and “PRO” commercial ware as its business model.

    But it hasn’t, and is now in a lose-lose situation because I simply cannot see how it can sustain any legal case against iObit (and, more to the point, defend itself against any counter action by iObit.)

    Bottom line: the “truth”, such as it might be here, is never going to be known: Malwarebytes is not going to be able to prove, beyond a shadow of doubt, that iObit “stole” anything — whether iObit did so or not. (And Malwarebytes hasn’t done itself any favours, either, with its idiotic allusion to iObit’s geographical provenance: the reference to China was as gratuitous as it was transparent.)

    I’m delighted to see that, as ever, your objectivity remains intact. There’s no *proven* case for slagging off iObit at this time or for joining in the kind of infantile comment seen on the all-too-often infantile Cnet.

  20. Adrian

    Ashraf, thanks for pointing out this to the public. As Ron pointed out, the story has been over the net in a few days, and even one of the most experienced tech bloggers, such as the authors of What’s On My PC, Ghacks, Bill Mullin’s Weblog and even 4 Free on internet have written about this problem, because they are convinced of the evidence.

    I like your approach for not taking sides until absolutely proven of the theft. I think that the defense IObit has made to be convincing, but anyway I still love their Advanced System Care, either way this is your blog, so you can do what you want with it, right? :)

  21. Shi

    MmM I think I agree with Frank, no matter what business your in competition is ugly. No matter the trade there is always stealing of some kind happening. I wonder if malwarebytes is finger pointing free…

  22. Michael N Hart

    I am only an amateur teche so can not comment on the details of any program, but i would like to say thank you for this article, and that i will be following any updates on this story, i was warned of this by an internet friend, as i am an affiliate of 10bit and if this proves true i will be removing their programs from my websites, Malwarebytes is on all four of my computers and has never let me down, so as they say “watch this space” Mike.

  23. RoseD1st

    Ashraf, This kind of finger pointing in software is not new.This time I must disagree with you sorry.I’m a big fan of IObit and will keep and pass on their software to others.too many folks are sue happy so till proven don’t buy the hype

  24. Frank

    Dear Ashraf,

    as I am a software programmer myself I can tell you from personal experience that most of the AV/AM vendors out there ‘steal intellectual property’ from each other.
    Whenever one of my products (or other legit software like RAdmin, VNC etc. pp.) got a false positive detection by one AV/AM product you could count days until many others did so too.
    Most AV/AM vendors are IMHO clueless, unscrupulous people just wanting to make money. In my experience the bigger the company the worse the work.
    I personally wasted hours to ask for removal of proved false positives.

    Besides: The high rate of false positives lately makes the AV/AM products more or less useless as a detection doesn’t mean anything anymore.

    I don’t give a *** for any of them crying “Mooomiii, that other has stolen my idea”. They don’t care about our needs for real security, I don’t care about their needs.
    I wouldn’t stop using a ‘stolen’ product just because another thief complains.

    Frank

  25. Ron

    Thanks for bringing this information to your readers’ attention. The story has been all over the ‘net for a couple of days. If true, it won’t be the first time a software author has taken some shortcuts.

    I first tried IOBit 360 when it was in beta, with a test bed composed of a laptop running XP Pro SP3, 2Gb RAM. The footprint wasn’t bed, the GUI was pretty, but I wasn’t always sure what it was doing. Since I keep MB Pro and JV 16 Power Tools 2009 on my machines, I really didn’t have a use for it.

    I’m not averse to using new programs; I diligently search for alternatives to my basic Eset NOD 32, Online Armor Pro, Malwarebytes Pro configuration for the machines on my network. Even if IOBit hasn’t committed this breach of faith, it’s still not a contender for me As always, ymmv.

  26. haakon

    Thanks….NOT only for this posting- but for all the time you use testing and writing ……
    I am a “software junky” and over time have gotten to trust your postings as “gospel” (almost :-) THANKS!!!

  27. Zion

    Hm…it’s a shame if IObit is guilty of the accusations. IS360 is really good. MBAM is still good, but real-time protection and automatic updates is only available in paid versions.

    I won’t take sides yet, but I’m just hoping this will all be dropped.