This real-time map of antivirus fails is roasting MalwareBytes’ competitors

In the wake of the Equifax hack and growing mistrust of major anti-virus companies, it’s becoming harder and harder to know where to turn for your digital security. MalwareBytes believes it should be your solution in these troubled times, and has thrown down the gauntlet for other anti-virus firms with a new tool and report that highlights how they are failing their customers.

MalwareBytes is an anti-malware application that offers manual scanning in its free version, and real-time protection with its premium option. Traditionally, it’s been used as a remediation tool by consumers, as a redundancy after their main anti-viral solution fails to prevent infection. But as 2017 ends, MalwareBytes is looking to step out of the toolsets of IT professionals, and into the hearts and minds of consumers the world over — by taking a swipe at its competitors.

To highlight their failings, it’s released a heat map of MalwareBytes users the world over, who have discovered malware infections using its scanning tool. The kicker is that all of those found to be infected are already running some form of security software, be it anti-virus tools like Avast, AVG or Symantec, or built-in defense systems like Windows Defender.

Regardless of the security system in place, every dot on that map is someone actively fixing their system with MalwareBytes. That’s why the company wants you to make MalwareBytes your first line of defense, not the last.

Stepping out of the shadows

First released in 2007 after co-founder and CEO Marcin Kleczynski had his own brush with troublesome malware, MalwareBytes has been used as a popular “remediation” tool ever since. That’s because many users have found it to be a more effective tool for discovering infections and attacks than existing antivirus protection. We asked Kleczynski what makes MalwareBytes a more effective way to discover, and ultimately stop, malware attacks in their tracks.

“A lot of traditional antivirus firms do a lot of work with signatures,” he said. “You’ve seen it before, they ship a large database of signatures [of malware]. They’re hundreds of megabytes. They update it every day or every hour. The issue with that approach is they must react. They actually have to see the malware.”

That’s no good, he says, because it’s impossible to discover every piece of malicious software out there. “You’re never going to see all of the malware, you’re not even going to see five percent of the malware. You have to look at trends and patterns,” he said.

Malwarebytes does exactly that, relying on analysis of how software is running instead of looking for specific signatures associated with known malware. “When we started in 2004, the majority of antivirus ideas were already 20 years old, so we were really able to come up with AV 2.0, and take our own approach to it. […] Even back in 2004, we were already looking at characteristics.”

Today, MalwareBytes employs numerous approaches to cover as many bases as possible. That includes using the signatures of existing and detected malware to track down known infections, and leveraging machine learning to plan. It also looks at behaviors and expected use patterns, so if certain software starts doing something it shouldn’t, it can put a block on it before it starts.

“Our anti-ransomware system which ships with MalwareBytes, it’s exclusively behavior based,” Kleczynski said. “We look for encryption events and we score them and if we see too much, we actually roll back the process and arrest it. That’s an example of a custom-built technology that we had to put together, because ransomware was such a big issue.”
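
The scoring idea Kleczynski describes (score encryption-like events per process and act once the total gets too high) can be sketched as follows. This is an added illustration, not Malwarebytes code: the entropy test, weights, window, threshold and all names are assumptions, and it only flags a process rather than rolling back or stopping it.

```python
import math
from collections import Counter, defaultdict, deque

WINDOW_SECONDS = 10.0  # assumed sliding-window length
SCORE_LIMIT = 5.0      # assumed score at which a process is flagged

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed output approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def score_event(event: dict) -> float:
    """Score one file-write event. The weights are illustrative assumptions."""
    score = 0.0
    if shannon_entropy(event["written"]) > 7.0:
        score += 1.0  # written bytes look like ciphertext
    if event["old_name"] != event["new_name"]:
        score += 0.5  # file was renamed as part of the write
    return score

def flag_processes(events: list) -> list:
    """Return PIDs whose score inside the window exceeds SCORE_LIMIT."""
    windows = defaultdict(deque)  # pid -> deque of (timestamp, score)
    flagged = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        win = windows[ev["pid"]]
        win.append((ev["ts"], score_event(ev)))
        while ev["ts"] - win[0][0] > WINDOW_SECONDS:
            win.popleft()  # forget events older than the window
        if sum(s for _, s in win) > SCORE_LIMIT and ev["pid"] not in flagged:
            flagged.append(ev["pid"])
    return flagged

# Constructed sample data, not real telemetry.
CIPHERTEXT_LIKE = bytes(range(256)) * 4            # entropy of exactly 8 bits/byte
PLAINTEXT_LIKE = b"quarterly report draft\n" * 40  # low-entropy text
SAMPLE_EVENTS = (
    # pid 4242: five high-entropy rewrites with renames within five seconds
    [{"ts": float(i), "pid": 4242, "old_name": f"doc{i}.docx",
      "new_name": f"doc{i}.docx.locked", "written": CIPHERTEXT_LIKE} for i in range(5)]
    # pid 1000: an editor saving plain text
    + [{"ts": float(i), "pid": 1000, "old_name": "notes.txt",
        "new_name": "notes.txt", "written": PLAINTEXT_LIKE} for i in range(5)]
    # pid 2000: a backup job writing one compressed archive every 20 seconds
    + [{"ts": 20.0 * i, "pid": 2000, "old_name": f"backup{i}.zip",
        "new_name": f"backup{i}.zip", "written": CIPHERTEXT_LIKE} for i in range(3)]
)
```

Calling `flag_processes(SAMPLE_EVENTS)` flags only the burst from pid 4242; the backup job also writes high-entropy data, but too slowly to accumulate score inside the window.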

Ultimately, Kleczynski said, MalwareBytes doesn’t use a “Silver Bullet” technique, claiming that no one solution works for all malware attacks. Instead, it uses a combination of systems and expertise to come at the modern world of breaches and infections with a multi-faceted approach.

Carrots and sticks

While Kleczynski talks a big game, it’s the company’s recent report on its competitors that is the starkest part of its recent promotional efforts. It’s not just claiming that MalwareBytes is the best. It’s showing how its competitors are failing customers.

“[We]’ve seen a lot of the AV labs putting out reports where many of them score 100 percent,” Kleczynski said. “It’s become increasingly popular with AV vendors to slap stickers on their website. Malware in a lab performs very different from malware in the wild. The only real way, I think, to compare AV vendors is to analyze the real-world data.”

That’s exactly what it did with its “Mapping AV Detection Failures” report. In it, it looked at around 10 million infected systems that cleaned themselves up using the MalwareBytes scanning tool between January and June of 2017. Of that number, some 44 percent had two or more antivirus solutions installed — yet were infected anyway.

“Taking out all data that looks at MalwareBytes actively blocking threats, we only looked at data of the major AV companies,” Kleczynski said. “They had to be registered in the Windows security center, so had to be actually activated with Windows. If we cleaned up the mess after AV, we sent that information back to our servers. [We recorded] if we have cleaned up malware on a computer and [what antivirus] it has installed. That’s the only data we collected, no personally identifiable information. We tossed away all the IP addresses.”

Other notable stats in the report include that 52 percent of ransomware infections caused by the notorious ransomware known as Hidden Tear were discovered on systems running multiple antivirus solutions. If you eliminate Microsoft’s bundled Windows Defender from the results, some 40 percent of all malware tracked were discovered on a system with an add-on antivirus solution.

Live tracking success and failure

MalwareBytes is aware of the potential for perceived bias in such a report. After all, its own report claiming it’s better than the competition is hardly surprising. That’s where the live heatmap comes in. Available now for anyone to view, it tracks live MalwareBytes scans across the world, highlighting that often these systems have third party antivirus installed — which failed.

While MalwareBytes goes out of its way to avoid naming and shaming anyone in its aggregated report, the live data does not. Microsoft tops the list, suggesting the Windows Defender tool that comes installed by default with Windows 10 is the most popular antiviral solution around. Still, big names like Avast, AVG, McAfee, Symantec, Kaspersky, and many others make the list. They all fail to pick up malware that MalwareBytes ultimately cleans up.

If nothing else, the heatmap shows that a lot of people are using MalwareBytes, and they’re having success with it. Within just a few minutes of viewing the map, hundreds of success “blips” appear across it. Scrolling through the list, just about every mainstream consumer and business antivirus has been thwarted by an infection that MalwareBytes ultimately cleans up.

“This map shows when remediation cleans up the malware on the devices as it’s happening,” Kleczynski said. “[We’re] not claiming we’re the best, but […] we’re looking at a lot of consumers who use multiple solutions. They might have Windows Defender installed, and then add in Avast, but they’re still getting infected.”

Building trust in a world full of breaches

Along with its more varied approach to malware detection and prevention, MalwareBytes also employs several practices to keep its own code secure. Competitors like CCleaner and Symantec have faced security concerns at the very core of their service, so MalwareBytes thinks this could help build trust among consumers who find it increasingly hard to know where to turn for protection. It’s especially important now that security researchers have highlighted how some antivirus software can introduce more security vulnerabilities than it protects against.

“We have internal security teams – I just hired a new information security officer myself a year ago – and we do a lot of code audits, third party audits,” Kleczynski said. “We have a bug bounty where we pay up to $5,000 for a bug discovered and are thinking about raising that to raise interest. We’re partnered with HackerOne, too.”

This is something all companies should be doing though, he thinks. Highlighting how some of the recent debacles with security at major firms have impacted the public’s opinion of them and data collection services in general, Kleczynski highlighted that ultimately, it’s the way that companies respond to issues that defines them most.

“People will try to find vulnerabilities in your software and it’s how you respond. No programmer is perfect, and I don’t think AV [introduces] more vulnerabilities if done right.”

And his idea of antivirus (or anti-malware) “done right” is MalwareBytes, of course.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…