Malwarebytes

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats, it has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia and Cork, Ireland.[3]

Malwarebytes Inc.
TypePrivately held company
IndustryComputer software
Security software
FoundedJanuary 21, 2008 (2008-01-21)
Illinois, U.S.
FounderMarcin Kleczynski
Bruce Harrison
Headquarters
Santa Clara, California
,
U.S. (Global)
Cork, Ireland (EMEA)[1]
Area served
Worldwide
Key people
Marcin Kleczynski
(CEO and founder)
Tom Fox (CFO)
Dariusz Paczuski
(SVP of Marketing)
Pedro Bustamante
(VP of Technology)
Adam Hyder
(SVP of Engineering)
Akshay Bhargava
(CPO)
ProductsMalwarebytes Anti-Malware, Malwarebytes Anti-Exploit, Malwarebytes Anti-Ransomware, Malwarebytes AdwCleaner, Malwarebytes Endpoint Security, Malwarebytes Anti-Malware Mobile, Malwarebytes Anti-Malware for Mac
Number of employees
800+[2]
Websitewww.malwarebytes.com

History

Early history and background

Malwarebytes Inc. was informally established in 2004.[4] CEO and founder Marcin Kleczynski, originally from Poland, was still a teenager attending high school in Bensenville, Illinois at the time, and was working as a technician in a computer repair shop in Chicago.[5] He noticed that whenever infected computers arrived, they would generally reformat the computer, regardless if the infection was only minor. It was only when his mother's computer became infected that Kleczynski learned more about why the virus wasn't directly attacked, finding that neither McAfee nor Symantec would remove the malware from his system.[6] He later recalled "I've never been as angry as when I got my computer infected", and professed that his mother told him to fix it "under penalty of death".[7] It was only after Kleczynski posted on the forum SpywareInfo, popular at the time, that he was able to learn how to cure it, which took three days. The company was unofficially founded after this, when Kleczynski conversed and became friends with several of the editors of the forum, who tempted him to buy an unused domain from them.[6]

With one of the site's regulars, Bruce Harrison, Kleczynski wrote the inaugural version of the company's software.[7] In 2006, worked with a college roommate to produce a freely available program called "RogueRemover", a utility which specialized in fighting against a type of infection known as "rogues", which scam computer users into giving away their credit card information through fake anti-virus software. RogueRemover proved instrumental in developing Malwarebytes Anti-Malware, and Kleczynski was able to set up a forum which enabled him to improve the software through feedback.[6] Kleczynski and Harrison formally launched Malwarebytes on January 21, 2008 while Kleczynski was studying computer science at the University of Illinois.[6][7] Bruce became the VP of Research for Malwarebytes, and further hired Doug Swanson, with experience in freeware development to work for the new company. Marcus Chung, an e-commerce expert who formerly worked for GreenBorder, was hired as chief operating officer.[6][8] Kleczynski and Harrison reportedly made $600,000 in their first year of selling the software, despite not having met personally at the time.[9]

Post-2010 developments

In 2011, Malwarebytes acquired HPhosts, a website blacklisting company, which tracks blacklisted websites and ad servers, a necessary development to protect against new internet protocol addresses and web servers which distribute malware, and advise internet service providers to shut down those with malicious activity.[10] That year, the company had claimed to have removed over five billion pieces of Malware in three years.[8] The following year, the company launched into the corporate market with an enterprise product aimed at desktop-based anti-malware detection and protection.[11] In 2013, Malwarebytes acquired ZeroVulnerabilityLabs, Inc., a security research and development company founded by Pedro Bustamante, which protects software applications from "known and zero-day exploits used by exploit kits, web-based vulnerability exploits and other corporate-targeted attacks".[12] They expanded their malware removal and protection to the Android platform with the launch of Malwarebytes Anti-Malware Mobile,[13] and launched a USB-based product called Malwarebytes Techbench aimed at helping technicians remove malware.[14]

In 2014, Malwarebytes received $30 million in funding from Highland Capital, and by the following year it announced that it had treated 250 million computers worldwide, representing about 20–25% of working business computers.[9] By 2013 it claimed to have removed five billion malware threats from computers in its first five years.[15] In June 2015, the company announced that it was moving its headquarters from 10 Almaden Boulevard in San Jose, California to a new 52,000 square feet (4,800 m2) office space on the two top floors of the 12-story 3979 Freedom Circle in Santa Clara, California. The new office is more than twice the size of the former office. The company reported a growth of 10 million users in just one year, from 25 to 35 million active users at the time, and an increase in revenue by 1653% in 2014.[7] In 2015, Kleczynski was named one of Forbes Magazine's '30 Under 30'.[16]

In January 2016, Malwarebytes unveiled advanced anti-ransomware package Endpoint Security,[17] and announced that it had raised $50 million in investment from Fidelity Management and Research Company. Kleczynski stated that the funds would be used primarily for the company's hiring, product development and marketing assets.[9] In June, Malwarebytes announced a strong growth in sales of over 75 percent in the first quarter of the year compared to 2015, with billings surpassing $100 million. The corporate subscription base for the company was reported to have grown by 90%.[18] In September, Proofpoint, Inc. CEO Gary Steele joined the company's board of directors, with Kleczynski citing his "deep expertise in the security software industry, and his proven ability [at] increasing sales revenue" as the main reasons for his appointment.[19] In October the company purchased AdwCleaner, a Windows program used to clean adware from computers.[20] In February 2017 the company acquired Saferbytes, an Italian security start-up specialized in anti-malware, anti-exploit, anti-rootkit, cloud AV, and sandbox technologies.[21]

Services and products

CEO Marcin Kleczynski states that the Malwarebytes engine has an advantage over many of the traditional antivirus programs because it was developed in 2008, when many of the others were developed in the late 1990s and had little idea of what malware would look like 15 years down the line. He states that this makes it "easier for us to adapt as malware evolves".[6] The New York Times describes their system as a "hybrid of heuristics, behavior and a signature engine that is designed to detect and block malware that other vendors can't detect".[10] According to Dean Takahashi of VentureBeat, Malwarebytes complements other antivirus software from vendors such as Symantec and McAfee, with the anti-malware working with the anti-virus software to attack the problem from "different directions". He remarked that Malwarebytes "cleans off machines that are already infected", while "the pro version stops your machine from getting infected in the first place".[8]

As in the early development days with RogueRemover, Malwarebytes thrives on community feedback. It runs two sub-forums complementing the main forum, known as "False positives" and "Malware contribution", with the false positives being reported allowing the company to update its database within just hours, and the Malware contribution allowing for them to quickly report what is missing and download it.[6] Kleczynski had been quoted as saying, "We still try to work like a bootstrapped company. We'd rather build products that our customers buy rather than we sell to them something they may not need."[9]

Products

Malwarebytes logo

Malwarebytes has several products, which as of 2011 were available in 36 different languages. Malwarebytes Anti-Malware offers two different versions, one for free download for home computers, and the other a professional version, with a 14-day free trial in advance, offering "real-time protection against malware, automated scanning, and automatic updating".[10] Malwarebytes Anti-Malware Mobile is a free Android app which protects smartphones from mobile malware, preventing unauthorized access to personal data identifying tracking applications.[22] It has a rating of 4.4 on the Google Play store.[23] In 2014, the company launched Malwarebytes Anti-Malware 2.0 with an improved user interface and dashboard.[24]

In 2014 the company launched Malwarebytes Anti-Exploit, which shields selected applications from attacks by "exploit mitigation to protect vulnerable programs".[4] Anti-Exploit also comes in a free and paid for version for Windows computers. The free version stops exploits in browsers and Java, whilst the paid product adds protection for a wider range of software applications.[25] Anti-Exploit received four stars from PC Magazine[26] and won V3 magazine's "Security Innovation of the Year" award.[27] In 2016, Malwarebytes Anti-Exploit was merged into the premium version Malwarebytes version 3.0, and the standalone application is now offered only as a perpetual beta.[28]

In January 2016, Malwarebytes unveiled Malwarebytes Endpoint Security, advanced anti-ransomware technology which is described as the "first solution to offer multiple layers of protection against unknown ransomware". The company sponsored a survey with Osterman Research into 540 firms in the United States, United Kingdom, Canada and Germany and found that nearly 40% of companies had experienced ransomware incidents, of which 34 percent had accounted for loss of revenue.[17] The Guardian reported that one-fifth of British companies had been charged over $10,000 to unlock their files and that there was an increasing demand for anti-ransomware technology.[29] After Endpoint's inception, the beta was reportedly downloaded by some 200,000 businesses and consumers in the first six months of the year.[17]

Malwarebytes also has numerous tools such as a Junkware Removal Tool to remove adware, an Anti-Rootkit Beta to remove and repair rootkits, StartUpLITE to boost the speed of the Windows reboot and FileASSASSIN to prevent locked files.[4]

License and privacy

The software license[30] requires arbitration "in the county where you reside", forbids class action suits, reverse engineering and sharing, and limits warranties and liability. Even the free version may not be shared, since they track use separately for each user.

Malwarebytes' privacy policy[31] lists many types of information they collect and store, including other software running on a user's computer ("programs installed or in use"). Malwarebytes says they collect "name, email address, mailing address, or phone number... company name, company size, business type... Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site ... operating system, date/time stamp, and/or clickstream data ... type of device you use, operating system version, and the unique device identifier... language... 32- or 64-bit... Information from the Windows Security/Action Center, including security settings and programs installed or in use... license... If it represents a console system, the number of seats being managed by that installation of the console[,] Endpoint domain information... organization to which the IP address is licensed, if any".[32]

There are different limits on their use, sale, and sharing of data:

  • No limits for what they call "non-personally identifiable information ('Non-PII')". "Non-PII ... may include... anonymously generated device identifiers",[32] which are tied to most other data items listed above.
  • Limited uses for personally identifiable information (PII), including name, address, phone, company name, size and business type, "we do not share PII with third parties" except for situations listed in the Privacy Policy, which include that they "may disclose PII to government ... and private parties ... to satisfy... regulation ... subpoenas... to protect ... the public in general; ... to prevent or stop activity we consider to be illegal or unethical."[32] They also disclose enough information to provide "advertising based upon your browsing activities and interests."[32]

In general they do not put time limits on how long they keep data, except for IP address or when users ask for deletion of PII:

  • "we do not retain the IP address... However, we do use it to gather ... continent, country, city, and approximate latitude/ longitude ... The type of connection (dialup/broadband/satellite/mobile) The ISP... The organization to which the IP address is licensed, if any".[32]
  • "You may access and modify the PII [personally identifiable information]... If you want us to delete your PII... We will delete your information as soon as possible; however, some information may remain in archived/backup copies for our records or as otherwise required by law. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements."[32] They define PII to exclude device identifiers, so they do not promise to delete these identifiers and user history.

While the above text says that Malwarebytes saves locations of IP addresses, including for mobile devices, they do not go further and get GPS locations from mobile devices, "We do not ask for, access or track any location based information from your mobile device at any time while downloading or using our Mobile Apps or Services."[32] They do not say if they get antenna locations.

They also collect detailed information on malware and exploits they find, tied to the user's license number and device identifier, "vendor... File path of exploit process... Command-line arguments passed to the exploit... (Potentially) a copy of the exploit executable itself".[32] They do not list the license number as PII.

They have a certificate from TRUSTe, which among other things certifies the company "Limits the information collected and limits use to what is specified in the privacy notice."[33]

Personnel

As of 2018, key individuals working for Malwarebytes included:[4][34]

  • Marcin Kleczynski – CEO
  • Tom Fox – chief financial officer
  • Adam Hyder – SVP of Engineering
  • Elena Verna – SVP of Consumer
  • Dariusz Paczuski - SVP of Marketing
  • Akshay Bhargava – Chief Product Officer
  • Pedro Bustamante – Vice President of Technology
  • Fernando Francisco – Vice President of Corporate Development and Strategy

See also

References

  1. "Developments – Cork Invest". CorkCity.ie. Retrieved 31 December 2017.
  2. "Malwarebytes". LinkedIn. Retrieved 11 November 2017.
  3. "Malwarebytes – Talent Community". jobs.Malwarebytes.com. Retrieved 31 December 2017.
  4. "Company Overview of Malwarebytes Corporation". Bloomberg. Retrieved 12 October 2016.
  5. "Q&A: Marcin Kleczynski, CEO of Malwarebytes, on cybersecurity and startups". San Jose Mercury News. Retrieved 26 April 2015.
  6. "Interview with Malwarebytes' founder, Marcin Kleczynski". Techspot. 11 October 2012. Retrieved 12 October 2016.
  7. "Malwarebytes grows out of downtown San Jose as demand for virus protection soars". Silicon Valley Business Journal. 16 June 2015. Retrieved 14 October 2016.
  8. "Malwarebytes quietly becomes a big player in anti-malware software – VentureBeat – News – by Dean Takahashi". VentureBeat. Retrieved 26 April 2015.
  9. Lunden, Ingrid (21 January 2016). "Security Startup Malwarebytes Raises Another $50M From Fidelity". Tech Crunch. Retrieved 12 October 2016.
  10. "Malwarebytes Quietly Becomes a Big Player in Anti-Malware Software". The New York Times. 18 July 2011. Retrieved 12 October 2016.
  11. Ellen Messmer (17 September 2012). "Malwarebytes offers enterprise anti-malware detection, prevention". Network World. Retrieved 26 April 2015.
  12. "Malwarebytes Completes Acquisition of ZeroVulnerabilityLabs". 20 June 2013. Retrieved 12 October 2016.
  13. Michael Kassner (21 October 2013). "Malwarebytes Anti-Malware Mobile now protects Android devices". TechRepublic. Retrieved 26 April 2015.
  14. "Portable USB drive fixes malware-crippled machines". net-security.org. Retrieved 26 April 2015.
  15. "Five billion strikes in five years for Malwarebytes". SC Magazine. 21 January 2013. Retrieved 14 October 2016.
  16. Upbin, Bruce. "Marcin Kleczynski, 25 – In Photos: 2015 30 Under 30: Enterprise Technology". Forbes. Retrieved 14 October 2016.
  17. "Malwarebytes Endpoint Security Now Protects Businesses Against Current and Future Ransomware Threats". BusinessWire. Retrieved 12 October 2016.
  18. "Malwarebytes Sales Grow by 75 Percent in Q1". BusinessWire. 29 June 2016. Retrieved 27 October 2016.
  19. "Proofpoint CEO Gary Steele Joins Malwarebytes Board of Directors". Digital Journal. 13 September 2016. Retrieved 12 October 2016.
  20. "Malwarebytes acquires AdwCleaner". Ghacks.net. 21 October 2016. Retrieved 27 October 2016.
  21. "Malwarebytes acquires Saferbytes". press.malwarebytes.com. 7 February 2017. Retrieved 7 February 2017.
  22. "Malwarebytes Anti-Malware for Android". TechSpot. Retrieved 14 October 2016.
  23. Malwarebytes. "Malwarebytes Anti-Malware – Android Apps on Google Play". Google. Retrieved 26 April 2015.
  24. "Malwarebytes Anti-Malware 2.0". PC Magazine. 14 December 2014. Retrieved 14 October 2016.
  25. "Malwarebytes Anti-Exploit aims to stop unknown threats to Windows". ZDNet. 13 June 2014. Retrieved 14 October 2016.
  26. "Review Malwarebytes Anti-Exploit Free: Malwarebytes Anti-Exploit Free". PCMag UK. Retrieved 26 April 2015.
  27. "V3 announces winners of Technology Awards 2014". V3. Retrieved 26 April 2015.
  28. Martin Brinkmann (12 December 2016). "Malwarebytes Anti-Exploit Standalone information - gHacks Tech News". gHacks Technology News. Archived from the original on 7 August 2017. Retrieved 12 August 2018.
  29. "Ransomware threat on the rise as 'almost 40% of businesses attacked'". The Guardian. 3 August 2016. Retrieved 14 October 2016.
  30. "Malwarebytes Software License Agreement, undated". Retrieved 2017-03-14.
  31. "Privacy Policy". Malwarebytes. Retrieved 2020-04-27.
  32. "Malwarebytes Privacy Policy". 2016-12-08. Retrieved 2017-03-14.
  33. "Privacy practices and standards, undated". Retrieved 2017-03-14.
  34. "About Us". Malwarebytes. Retrieved 7 September 2018.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.