IObit is Scummy

F

ForgottenSeer 823865

It wasn't a marketing.
The above-mentioned statement was supposed to prove that IOBit is an honest company, offering quality-solutions that did not steal anyone's DB.
The very same statement opens with an obvious lie. Should I keep reading what's bellow that statement and believe it, or should I just conclude that MalwareBytes or Malware Bytes (dunno how it's synthesised) is right and IOBit "borrowed" from their modest database?
I was aware of this "drama" but i found funny how MB sigs were so easily reverse engineered and use by Iobit, i give Iobit credit for it LOL.

Also when talking about Chinese products, we have to consider cultural mindsets.
1- "Copying" is a natural Asian tendency, and proven quite effective, we copy but we copy and make it better :p
2- Chinese software are most of the time made primarily for locals users, they have a different mindset about how a product should be, for westerners they feels it is bloated, unprofessional designed, but Chinese people like that way. Fancy animated and colorful UI is selling point.
3- Asian Average Joes really really don't care about the technicalities on how and why things works, it must works, that is it, and if the GUI is cool , that is even better.
just compare Chinese phone apps with western ones, lot of less-than-useful functions with fancy design and colors, not even mentioning manga style characters...
 
B

BVLon

I was aware of this "drama" but i found funny how MB sigs were so easily reverse engineered and use by Iobit, i give Iobit credit for it LOL.

Also when talking about Chinese products, we have to consider cultural mindsets.
1- "Copying" is a natural Asian tendency, and proven quite effective, we copy but we copy and make it better :p
2- Chinese software are most of the time made primarily for locals users, they have a different mindset about how a product should be, for westerners they feels it is bloated, unprofessional designed, but Chinese people like that way. Fancy animated and colorful UI is selling point.
3- Asian Average Joes really really don't care about the technicalities on how and why things works, it must works, that is it, and if the GUI is cool , that is even better.
just compare Chinese phone apps with western ones, lot of less-than-useful functions with fancy design and colors, not even mentioning manga style characters...
You finally said what was on my mind, but I didn't wanna be so brutally honest lol. Love you man:D
For Chinese, it should be colourful like a blanket. That's enough.
 
F

ForgottenSeer 823865

If you see a registry key that points to a file or folder that does exist on the computer, clearly it is not an error and should not be detected as one.
i agree, and if you uninstall a software and its leaves dozen of reg entries, it is clear those are unnecessary and worth deleting.

You finally said what was on my mind, but I didn't wanna be so brutally honest lol. Love you man:D
I'm half-Asian, western citizen expat in an Asian country, i know well LOL ;)
 

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,128
And yes, the whole Glarysoft product looks like a 360 knock-off. I thought it's actually 360 licensed, someone then informed me that it's not.
They are completely different products, aside from having a somewhat similar appearance, as Chinese products often do.
Regarding the MBAM sigs from what I remember back then, maybe now it has changed, they used to be a 5-6 mb, highly-compressed archive. They weren't even a properly-secured *.db file and incremental update was not supported. IOBit didn't have to employ hackers and geniuses to steal them sigs :D
Yes, many years ago, someone told me that the reason IObit was able to easily steal them, is because they were not encrypted.
 
Last edited:
F

ForgottenSeer 823865

Regarding the MBAM sigs from what I remember back then, maybe now it has changed, they used to be a 5-6 mb, highly-compressed archive. They weren't even a properly-secured *.db file and incremental update was not supported. IOBit didn't have to employ hackers and geniuses to steal them sigs :D
Exactly, it is why i said, at the time of the drama, MB should blame themselves for their poor security. if i own a restaurant and don't care to hide the secret recipe of my most popular meal for anyone to read, i have to blame myself if someone start selling the same...
 
B

BVLon

They are completely different products, aside from having a somewhat similar appearance, as Chinese products often do.

Yes, many years ago, someone told me that the reason IObit was able to easily steam them, is because they were not encrypted.
IOBit excuse was that someone used an online form to upload malware (zoo malware that MB has created) and somehow it ended up in IOBit database with the exact same name (which was something like YouAreThiefs.A if I remember correctly). They were blaming automated classifiers... as an overall I lost trust in the company. I am not concerned about them stealing from MalwareBytes as MB themselves got quite inspired by Symantec's naming convention and db... I didn't like the fact that they lie.

Exactly, it is why i said, at the time of the drama, MB should blame themselves for their poor security. if i own a restaurant and don't care to hide the secret recipe of my most popular meal for anyone to read, i have to blame myself if someone start selling the same...

Yeah, MalwareBytes is not a dream team either. But Malware Bytes is like a one-man show from inside.... or at least before it was. The whole development was in the arms of 2-3 guys. Now they've expanded a lot. Back then they were a tragedy.
 
B

BVLon

Companies such as Ashampoo and Revo are, to me, trustworthy with no questionable acts.
Ashampoo wants to be your be-all end-all with players, office apps, photo and video editing software, Avira-based AV (what a surprise... they're both German companies) and optimizers... I kinda trust them too. Revo doesn't even need to be commented, it's the best for me.
I expect to see an Ashampoo Linux distro soon.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
Ashampoo wants to be your be-all end-all with players, office apps, photo and video editing software, Avira-based AV (what a surprise... they're both German companies) and optimizers... I kinda trust them too. Revo doesn't even need to be commented, it's the best for me.
I expect to see an Ashampoo Linux distro soon.

Yes I do like their products and how they offer older version (which still great and do the job) for free after releasing newer version.
They also value their loyal customers and they offer decent discounts. I really like their office (which is a rebrand of SoftMaker Office) but decided to ditch it for the sake of the original (SoftMaker Office NX which is $7/year). Their optimiser is safe and efficient and I have never had any issues. Their Backup Pro is also great (I have used version 12 which is great and reliable).

Avira-based AV (what a surprise... they're both German companies)

Ashampoo is a rebrand of Emsisoft Anti Malware.

Edit
 
B

BVLon

Yes I do like their products and how they offer older version (which still great and do the job) for free after releasing newer version.
They also value their loyal customers and they offer decent discounts. I really like their office (which is a rebrand of SoftMaker Office) but decided to ditch it for the sake of the original (SoftMaker Office NX which is $7/year). Their optimiser is safe and efficient and I have never had any issues. Their Backup Pro is also great (I have used version 12 which is great and reliable).



Ashampoo is a rebrand of Emsisoft Anti Malware.

Edit
That's news... Before it used to be an in-house mix of Avira and WinOptimizer....
 

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,128
Companies such as Ashampoo and Revo are, to me, trustworthy with no questionable acts.
Ashampoo were once well known for "spamming" users. While it isn't really spam, if they stated that you would receive their newsletters in exchange for giving them your email address, it seemed that it was fairly common for people to still receive marketing emails after unsubscribing from their email list.

Their driver update software is made by shady Indian developers Innovana Thinklabs/ITL, formerly known as PCVARK. PCVARK were known tech support scammers.

Having said that, I use Ashampoo Office and used to use their burning software.

Revo is definitely trustworthy.
 
B

BVLon

Ashampoo were once well known for "spamming" users. While it isn't really spam, if they stated that you would receive their newsletters in exchange for giving them your email address, it seemed that it was fairly common for people to still receive marketing emails after unsubscribing from their email list.

Their driver update software is made by shady Indian developers Innovana Thinklabs/ITL, formerly known as PCVARK. PCVARK were known tech support scammers.

Having said that, I use Ashampoo Office and used to use their burning software.

Revo is definitely trustworthy.

I don't remember PCVark with tech support scams tbh. I remember they used bogus tactics and exaggerated threat reports, claiming that for example, not cleaning registry entries right now will cause data loss. Their software resembles fake av's... I wasn't aware that Ashampoo is licensing technologies from them.

Btw, many Chinese companies are utilising same tactics to push various Android and Windows software... The mobile version of 360 is one of them programs.
 

Digmor Crusher

Level 25
Verified
Top Poster
Well-known
Jan 27, 2018
1,403
Background if anyone is interested, from Marcin on Malwarebytes forum:

Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an indepth investigation, we became convinced it was true. Here is how we know.
We came across a post on the IOBit forums (cached version, since they have now deleted the original) that showed IOBit Security 360 flagging a specific key generator for our Malwarebytes' Anti-Malware software using the exact naming scheme we use to flag such keygens: Don't.Steal.Our.Software.A.
Dont.Steal.Our.Software.A, File, G:\Nothing Much\Anti-Spyware\Malwarebytes' Anti-Malware v1.39\Key_Generator.exe, 9-30501
Why would IOBit detect a keygen for our software and refer to it using our database name? We quickly became suspicious. Either the forum post was fraudulent or IOBit was stealing our database.
So we dug further. We accumulated more similar evidence for other detections, and we soon became convinced that this was not a mistake, it was not a coincidence, it was not an isolated event, and it persisted presently in their current database. They are using both our database and our database format exactly.
The final confirmation of IOBit's theft occurred when we added fake definitions to our database for a fake rogue application we called Rogue.AVCleanSweepPro. This "malware" does not actually exist: we made it up. We even manufactured fake files to match the fake definitions. Within two weeks IOBit was detecting these fake files under almost exactly these fake names.
We can't publicly show all the evidence we found, because it is still our intellectual property: proprietary information about our database internals. But we don't want you to have to take our word for it either, so we found a way to show you an example illustrating an indisputable pattern of theft.
Consider the file, "dummy.exe". It is a harmless dummy executable that runs, displays a "Hello World" message box, and exits. You can see from third-party scans on VirusTotal, that no other security vendor flags this executable as malicious or even suspicious.
We created this dummy executable, then manipulated it slightly so that it matches one of the signatures in our database. We emphasize that it is still not malicious! -- the signature is perfectly benign, when not in the context of actual malware, as you can see from the VirusTotal results.
We scanned the file with our own Malwarebytes' Anti-Malware software and indeed it was flagged as "Don't.Steal.Our.Software.A". We scanned it with IOBit using their current build and database version and it was flagged as the same "Don't.Steal.Our.Software.A". We have included their log file and a screenshot of the detection. You can verify by yourself using the dummy executable and their most recent database.
We have attached two other such dummy executables to this post, so you can see for yourself. One of them, "rogue.exe", matches our fake Rogue.AVCleanSweepPro (screenshot) definition, the other "fake.exe", matches an Adware.NaviPromo definition (screenshot). VirusTotal results for "fake.exe" and "rogue.exe" so you can see they are benign. You can see a screenshot of our detections here.
During the course of our investigation, we uncovered additional evidence that IOBit may have stolen the proprietary databases of other security vendors as well. We are in the process of contacting these vendors.
Malwarebytes intends to pursue legal action against IOBit. We demand IOBit immediately remove all traces of Malwarebytes' proprietary research and database from their software. We also demand IOBit be delisted from Download.com due to Terms of Service violations. This is criminal: it is theft, it is fraud, and we will not stand for it.
What can you do to help? If you feel the same way we do about this theft, we encourage you to send an email to hosting services such as Download.com and Majorgeeks.com requesting that all IOBit software be removed.

To summarize, yes, IObit is slimy.
 
B

BVLon

Background if anyone is interested, from Marcin on Malwarebytes forum:

Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an indepth investigation, we became convinced it was true. Here is how we know.
We came across a post on the IOBit forums (cached version, since they have now deleted the original) that showed IOBit Security 360 flagging a specific key generator for our Malwarebytes' Anti-Malware software using the exact naming scheme we use to flag such keygens: Don't.Steal.Our.Software.A.
Dont.Steal.Our.Software.A, File, G:\Nothing Much\Anti-Spyware\Malwarebytes' Anti-Malware v1.39\Key_Generator.exe, 9-30501
Why would IOBit detect a keygen for our software and refer to it using our database name? We quickly became suspicious. Either the forum post was fraudulent or IOBit was stealing our database.
So we dug further. We accumulated more similar evidence for other detections, and we soon became convinced that this was not a mistake, it was not a coincidence, it was not an isolated event, and it persisted presently in their current database. They are using both our database and our database format exactly.
The final confirmation of IOBit's theft occurred when we added fake definitions to our database for a fake rogue application we called Rogue.AVCleanSweepPro. This "malware" does not actually exist: we made it up. We even manufactured fake files to match the fake definitions. Within two weeks IOBit was detecting these fake files under almost exactly these fake names.
We can't publicly show all the evidence we found, because it is still our intellectual property: proprietary information about our database internals. But we don't want you to have to take our word for it either, so we found a way to show you an example illustrating an indisputable pattern of theft.
Consider the file, "dummy.exe". It is a harmless dummy executable that runs, displays a "Hello World" message box, and exits. You can see from third-party scans on VirusTotal, that no other security vendor flags this executable as malicious or even suspicious.
We created this dummy executable, then manipulated it slightly so that it matches one of the signatures in our database. We emphasize that it is still not malicious! -- the signature is perfectly benign, when not in the context of actual malware, as you can see from the VirusTotal results.
We scanned the file with our own Malwarebytes' Anti-Malware software and indeed it was flagged as "Don't.Steal.Our.Software.A". We scanned it with IOBit using their current build and database version and it was flagged as the same "Don't.Steal.Our.Software.A". We have included their log file and a screenshot of the detection. You can verify by yourself using the dummy executable and their most recent database.
We have attached two other such dummy executables to this post, so you can see for yourself. One of them, "rogue.exe", matches our fake Rogue.AVCleanSweepPro (screenshot) definition, the other "fake.exe", matches an Adware.NaviPromo definition (screenshot). VirusTotal results for "fake.exe" and "rogue.exe" so you can see they are benign. You can see a screenshot of our detections here.
During the course of our investigation, we uncovered additional evidence that IOBit may have stolen the proprietary databases of other security vendors as well. We are in the process of contacting these vendors.
Malwarebytes intends to pursue legal action against IOBit. We demand IOBit immediately remove all traces of Malwarebytes' proprietary research and database from their software. We also demand IOBit be delisted from Download.com due to Terms of Service violations. This is criminal: it is theft, it is fraud, and we will not stand for it.
What can you do to help? If you feel the same way we do about this theft, we encourage you to send an email to hosting services such as Download.com and Majorgeeks.com requesting that all IOBit software be removed.

To summarize, yes, IObit is slimy.
That's what I was talking about lol...
That's the reverse statement.... Declaration from IObit - IObit.Com Forums full of bullshit
 
F

ForgottenSeer 67480

Driver Booster was created only to scare users and force them to install other IOBit products, like scareware / rogueware = FAKE programs from this company. DriverEasy is much more safe to use and he see much more drivers than DriverBooster.
 
B

BVLon

Driver Booster was created only to scare users and force them to install other IOBit products, like scareware / rogueware = FAKE programs from this company. DriverEasy is much more safe to use and he see much more drivers than DriverBooster.
I can't believe that 13-14 after the first scareware (Spy Sheriff) someone would still fall for these tactics :D
Also, all these updates and utilities... in 2020... really? Windows does it all nowadays.
Bottom line: stay clear of IOBit.
 

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,128
Driver Booster was created only to scare users and force them to install other IOBit products, like scareware / rogueware = FAKE programs from this company. DriverEasy is much more safe to use and he see much more drivers than DriverBooster.
As someone who has been using for both for years and have used them on countless computers, I can say the following.
The size of the driver databases in both programs is similar. When Driver Booster was first released, it had a very small database of drivers. But this has been expanded greatly over the years. These days, typically both programs will find a similar number of driver updates. Having said that, I feel that both programs need to expand their databases, to include drivers for more devices. In terms of the database size, DriverAssist is far superior to either of them and Driver Toolkit also has a much bigger database, although this is not a recommendation for either.

Driver Booster does a very good job of finding the correct drivers, just like Driver Easy does, so it's not correct to say that Driver Easy is much more safe to use. I like both programs, but Driver Booster has big advantage in that the free version is not very limited, unlike the free version of Driver Easy. The free version of Driver Easy downloads drivers very slowly and requires manual installation of each driver. With Driver Booster, although the download speed is not as fast as the Pro version, it is still quite fast and just like the Pro version is can automatically install all the drivers one after the other. For these reasons, I feel that free version of Driver Booster is far superior to the free version of Driver Easy, but the paid versions of both are fairly similar.

The major difference between the two, is that while IObit is a shady company, Easeware - the publisher of Driver Easy is a trustworthy company and they really care about their reputation as such.

While Driver Booster is used to promote some of IObit's other software, it is also one of the best driver update tools there is.

Windows does it all nowadays.
But it doesn't. If you do a clean install of Windows, often it won't be able to find drivers for all devices. Even when it does, typically some are generic drivers which often don't work as well at the proper OEM ones.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top