Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
The Courts Security

Malwarebytes Faces Lawsuit For Classifying Rival's Anti-Spyware Program As a Threat (techspot.com) 38

Enigma software group has won a crucial case in the U.S. Court of Appeals for the Ninth Circuit, allowing it to proceed with its lawsuit against Malwarebytes for flagging its anti-spyware software as a 'potentially unwanted program.' The lawsuit alleges that Malwarebytes has engaged in anti-competitive conduct under the Lanham Act and tortious interference with Enigma's business. TechSpot reports: The ruling has been lambasted by some legal experts, who believe it could hamper cybersecurity service providers from doing their job effectively. Talking to The Register, Eric Goldman, professor at Santa Clara University School of Law, claimed that the Ninth Circuit's decision was erroneous, as it failed to differentiate between facts and opinions properly. According to him, in deciding in favor of Enigma, the Ninth Circuit failed to comprehend how the cybersecurity industry operates, and how security companies use the terms 'malicious' and 'threat.' He also felt that thanks to the judgment, there will now be more disputes over such classifications in the future, making the job of cybersecurity companies tougher than ever before.

Goldman further argued that the Ninth Circuit's decision would mean anti-malware software vendors will now simply minimize their financial and legal risks by leaving out supposed anti-threat programs from their list of suspect apps even if they display dangerous behavior, which could pose a major threat to consumers. Some smaller players could also exit the industry altogether, which would further hurt consumers by reducing competition. Goldman was also critical of the Supreme Court for denying Malwarebytes' appeal, and called out Justice Clarence Thomas in particular for writing what he called a "gratuitous error-riddled statement about Section 230 that spurred many regulators to pursue their censorship agendas."
Enigma said in a statement: "Malwarebytes (has) disparaged Enigma's products for commercial advantage by making misleading statements of fact. ... Trying to wrap them in a First Amendment flag does not make them any less offensive or any less actionable."

Eric Goldman, professor at Santa Clara University School of Law, told The Register in an email, "This case is like a wrecking ball for internet law." He added: "The Ninth Circuit already damaged Section 230 by creating an exception to its coverage (for 'anticompetitive animus') that no one understands and has not benefited anyone. Then, when the Supreme Court denied the appeal, Justice Thomas wrote a gratuitous error-riddled statement about Section 230 that spurred many regulators to pursue their censorship agendas. Now, the Ninth Circuit has redefined the standards for what constitutes a statement of 'fact' as opposed to an opinion in a way that hurts businesses in the anti-threat software space and well beyond."

"If each classification could similarly support weaponization in court by businesses unhappy with the classifications, then anti-threat software vendors will avoid the financial and legal risks by lowering their cybersecurity standards or exiting the industry," said Goldman. "That puts all of us at greater risk."
This discussion has been archived. No new comments can be posted.

Malwarebytes Faces Lawsuit For Classifying Rival's Anti-Spyware Program As a Threat

Comments Filter:
  • by Anonymous Coward on Thursday June 08, 2023 @05:05AM (#63585348)
    top to bottom.
    • by TheReaperD ( 937405 ) on Thursday June 08, 2023 @06:18AM (#63585400)

      What are you talking about? It's the best system money can buy!

    • I don't have enough facepalms for computers with dozens of antivirus, anti-malware and "optimization/cleanup" programs installed.

      I'm not blaming the users, I'm blaming the FUD culture deliberately created by the vendors of this junkware.

      Having said that, Malwarebytes does seem to do a good job.

      • It used to be a thing, back 20+ years ago. We would use a variety of scanners to check and clean systems suspected of being infected. Some people would even run multiple active AV programs at once (a cure worse than the disease...)

        Nowadays, most just run the built-in AV on a pc and harden the network itself with IDS + Firewall. If a modern system is suspected of compromise you pull it offline and either wipe + reimage it, or replace it from hardware up if it is a critical system.

        But back in the day, equi

        • I remember just 10 years ago, when the self-installing, MS security mimicking Security 2013 worm would get onto a persons computer and refuse all attempts to remove it

          Malwarebytes wiped that shit out with a version update, a reboot and a final cleaning, somehow I suspect that a shitshow named Enigma Software would try and pull the same pranks

          Malwarebytes is dead, long live Malwarebytes

    • by Tablizer ( 95088 )

      Where is it wonderful? Let's go there and copy it.

  • by Anonymous Coward

    Don't worry, this case won't go anywhere and will get tossed right quick.

    If the legal system reclassified opinionated words like "potentially" to be statements of fact, the majority of the legal system itself would be destroyed overnight.

    There's a reason legal statements are peppered with "potentially" to deflect statements of fact, and "allegedly" to deflect responsibility of a claim.

    It's now required just to have a discussion on anything that is a possibility before being declared true, which just happens

    • imo any decent security program will contain malware fingerprints and _should_ be considered as potentially malicious

  • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Thursday June 08, 2023 @06:21AM (#63585404) Homepage Journal

    This story link contains absolutely nothing on why MBAM might consider their software a threat, let alone whether it might be justified.

    I don't know where this text comes from originally, but I found it in a forum post: [linustechtips.com]

    SpyHunter by Enigma Software Group USA, LLC is a program that was previously listed as a rogue product on the Rogue/Suspect Anti-Spyware Products List because of the company's history of employing aggressive and deceptive advertising. It has since been delisted but some users have reported they still engage in deceptive advertising. Newer versions of SpyHunter install it's own "Compact OS" and uses Grub4Dos loader to execute on boot up. The user no longer sees the normal Windows boot menu but instead sees the GRUB menu. In some cases this has caused the computer to go into a continuous loop or experience other issues when attempting to boot.

    So in summary, users are getting tricked into installing this shitty software which sometimes breaks their computer. It is therefore malware, it should not be difficult to prove it, and we should be looking out to see who's really funding this attack on Section 230.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      Wikipedia:

      SpyHunter is often labeled an Potentially Unwanted Program due to its misleading results of always showing infections, including on clean computers, and injects tracking cookies into a users browser, raising concern whether it is legitimate or not. The company also floods web search results when searching for a specific threat, linking a download to SpyHunter, even if the product is not able to remove it.

      That plus the previous response. Yeah...

    • by Bert64 ( 520050 )

      This is actually nothing new, and has happened many times before. It could be intentional (ie vendor trying to discredit a rival), but they also have plausible deniability because:

      1) anti malware typically employs persistence techniques to make it hard to get rid of - in exactly the same way malware does
      2) anti malware needs to come with a database of known malware, which by necessity must include strings and patterns to look for - it's not uncommon for the patterns in the anti malware database to be detect

      • 3. AV / AM software accesses all files on a system (on disk and in memory) -behavior which looks suspicious to other AV / AM software.

    • drinkypoo:
      Most, if not all, security programs contain a malware/virus signature/fingerprint database to compare their findings to (think of it as a virus snippet used to create a vaccine). In my 4 decades of computer use and administration, these databases have frequently caused other anti-virus software to raise the 'potentially malicious' warning

      So, yes... it is common, if not in fact an industry practice. The legal system calling it into question ignores decades of common usage and will, inevitably, have

  • There's plenty of adware and scareware out there masquerading as anti-spyware/malware. Would Enigma's software fall under that category, or is it legit?

    If it's not legit, did Malwarebytes try to argue that they're engaged in false advertising?

    • by sg_oneill ( 159032 ) on Thursday June 08, 2023 @06:32AM (#63585442)

      Enigma is pretty much everything Malwarebytes says it is. One of those spammy "YOUR COMPUTER IS INFECTED INSTALL THIS ANTIVIRUS NOW" type sleazo marketers.

    • Agreed - except I don't think false advertising has anything to do with it. Despite Trump's fervent hopes, "they did bad things too" is generally not a legal defense, except in the context of self defense or breach of contract. False advertising charges would be an unrelated case.

      If Engima's software is legitimately acting in sleazy ways, then it's justifiably flagged as potentially malicious, and the judge probably misruled. If not, then Malwarebytes is almost certainly engaging in anticompetitive behav

    • wikipedia
      SpyHunter is often labeled an Potentially Unwanted Program due to its misleading results of always showing infections, including on clean computers, and injects tracking cookies into a users browser, raising concern whether it is legitimate or not. The company also floods web search results when searching for a specific threat, linking a download to SpyHunter, even if the product is not able to remove it.

  • by VoodooCryptologist ( 7614904 ) on Thursday June 08, 2023 @06:50AM (#63585476)
    I wanted to give some legal information because the article doesn't provide it very clearly. There's some fairly substantial procedural history here but the bottom line is that Engima sued MalwareBytes because MalwareBytes classified Engima's software as a PUP. According to Enigma, this was retaliatory because Engima sued Bleeping Computer. Again, according to Enigma, BC was an affiliate of MalwareBytes as a sort of marketing website designed to drive users to MalwareBytes. Engima's case was dismissed. To oversimplify it a bit, a Motion to Dismiss in this context is a situation where the judge reads Enigma's allegations and says "okay, if I assume all of this to be true, would you be able to succeed at trial?" It's designed to put a relatively quick end to lawsuits where a litigant can't possibly recover damages even if all their facts are correct. For example, if I sued someone because that person took my parking space at the grocery store, the court will dismiss it because even if all that was true, there's no legal theory under which I could win. The judge never decided the case "on the merits." It's not uncommon for Motions to Dismiss to be denied, because judges generally prefer to decide cases on their merits rather than kick it out early. The practical impact of this appellate decision is that Engima's case can still proceed. Enigma may still lose - it's not decided by a long shot. In the field of anti-trust law, statements can be acted upon if it's a false statement of material fact that is likely to influence purchasing decisions and injure the other company. (That's a simplification.) Because it's a Motion to Dismiss, the Court will assume that the statements are false. It doesn't mean that MB's statements were false, and the Court didn't even consider if they were because that's how a Motion to Dismiss works. tl;dr - Enigma didn't win the case, they can just keep arguing. It is probably less of a disaster than that commentator claims.
  • "According to him, in deciding in favor of Enigma, the Ninth Circuit failed to comprehend how the cybersecurity industry operates"

    Or they comprehended exactly how the cybersecurity industry operates.

  • Eric Goldman, professor at Santa Clara University School of Law, claimed that the Ninth Circuit's decision was erroneous, as it failed to differentiate between facts and opinions properly

    I think this is pathetic. When a malware flags a competitive malware as a threat, it is anti-competition plain and simple. The "professor" claims such and such, but he won't elaborate why, that's because he can't. If he goes into the why, he'll effectively prove himself bogus.

  • Comment removed based on user account deletion

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...