Malwarebytes
Company type | Private |
---|---|
Industry | |
Founded |
|
Founder |
|
Headquarters | Santa Clara, California , |
Area served | Worldwide |
Key people |
|
Products |
|
Number of employees | 800+[2] (2017) |
Website | www |
Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; and Cork, Ireland.[3]
History
Early history and background
Malwarebytes Inc. was informally established in 2004.[4] CEO and founder Marcin Kleczynski, originally from Poland, was still a teenager attending high school in Bensenville, Illinois at the time, and was working as a technician in a computer repair shop in Chicago.[5] He noticed that whenever infected computers arrived, the shop would typically reformat the computer entirely, rather than combat the virus, even if the infection was only minor. Kleczynski later discovered that, when his mother's computer became infected, neither McAfee nor Symantec would remove the malware from his system.[6] He later recalled "I've never been as angry as when I got my computer infected", and professed that his mother told him to fix it "under penalty of death".[7] It was only after Kleczynski posted on the forum SpywareInfo, popular at the time, that he was able to learn how to remove the virus, which took three days.
The company was unofficially founded after this, when Kleczynski conversed and became friends with several of the editors of the forum, who tempted him to buy an unused domain from them.[6]
With one of the site's regulars, Bruce Harrison, Kleczynski wrote the inaugural version of the company's software.[7] In 2006, Kleczynski worked with a college roommate to produce a freely available program called "RogueRemover", a utility which specialized in fighting against a type of infection known as "rogues", which scam computer users into giving away their credit card information through fake anti-virus software. RogueRemover proved instrumental in developing Malwarebytes Anti-Malware, and Kleczynski was able to set up a forum which enabled him to improve the software through feedback.[6] Kleczynski and Harrison formally launched Malwarebytes on January 21, 2008 while Kleczynski was studying computer science at the University of Illinois.[6][7] Bruce became the VP of Research for Malwarebytes, and further hired Doug Swanson, with experience in freeware development to work for the new company. Marcus Chung, an e-commerce expert who formerly worked for GreenBorder, was hired as chief operating officer.[6][8] Kleczynski and Harrison reportedly made $600,000 in their first year of selling the software, despite not having met personally at the time.[9]
Post-2010 developments
In 2011, Malwarebytes acquired HPhosts, a website blacklisting company, which tracks blacklisted websites and ad servers, a necessary development to protect against new internet protocol addresses and web servers which distribute malware, and advise internet service providers to shut down those with malicious activity.[10] That year, the company had claimed to have removed over five billion pieces of Malware in three years.[8] The following year, the company launched into the corporate market with an enterprise product aimed at desktop-based anti-malware detection and protection.[11] In 2013, Malwarebytes acquired ZeroVulnerabilityLabs, Inc., a security research and development company founded by Pedro Bustamante, which protects software applications from "known and zero-day exploits used by exploit kits, web-based vulnerability exploits and other corporate-targeted attacks".[12] They expanded their malware removal and protection to the Android platform with the launch of Malwarebytes Anti-Malware Mobile,[13] and launched a USB-based product called Malwarebytes Techbench aimed at helping technicians remove malware.[14]
In 2014, Malwarebytes received $30 million in funding from Highland Capital, and by the following year it announced that it had treated 250 million computers worldwide, representing about 20–25% of working business computers.[9] By 2013 it claimed to have removed five billion malware threats from computers in its first five years.[15] In June 2015, the company announced that it was moving its headquarters from 10 Almaden Boulevard in San Jose, California to a new 52,000 square feet (4,800 m2) office space on the two top floors of the 12-story 3979 Freedom Circle in Santa Clara, California. The new office is more than twice the size of the former office. The company reported a growth of 10 million users in just one year, from 25 to 35 million active users at the time, and an increase in revenue by 1653% in 2014.[7] In 2015, Kleczynski was named one of Forbes Magazine's '30 Under 30'.[16]
In January 2016, Malwarebytes unveiled advanced anti-ransomware package Endpoint Security,[17] and announced that it had raised $50 million in investment from Fidelity Management and Research Company. Kleczynski stated that the funds would be used primarily for the company's hiring, product development and marketing assets.[9] In June, Malwarebytes announced a strong growth in sales of over 75 percent in the first quarter of the year compared to 2015, with billings surpassing $100 million. The corporate subscription base for the company was reported to have grown by 90%.[18] In September, Proofpoint, Inc. CEO Gary Steele joined the company's board of directors, with Kleczynski citing his "deep expertise in the security software industry, and his proven ability [at] increasing sales revenue" as the main reasons for his appointment.[19] In October the company purchased AdwCleaner, a Windows program used to clean adware and Potentially Unwanted Programs (PUPs) from computers.[20] In February 2017 the company acquired Saferbytes, an Italian security start-up specialized in anti-malware, anti-exploit, anti-rootkit, cloud AV, and sandbox technologies.[21]
In November of 2019, the company joined forces with competitors NortonLifeLock and Kaspersky along with the Electronic Frontier Foundation and non-profits including the National Network to End Domestic Violence and Operation Safe Escape to form the Coalition Against Stalkerware. The coalition seeks to inform, educate and combat the use of tracking apps without consent.[22]
Post-2020 developments
In January 2021, Malwarebytes was targeted by the same nation state actor implicated in the SolarWinds attack and suffered a limited access breach. CEO Kleczynski published a blog post detailing the company’s attack and response.
In February of 2021, Malwarebytes published its 2021 State of Malware Report which shared cyberthreat research including 30 million examples of Mac malware and a 1,055% increase in spyware detections in 2020.
In May 2021, Malwarebytes announced a collaboration with Digitunity to deliver cyberprotection to vulnerable communities underserved by technology access, expanding its portfolio of social impact work.
Executive leadership
Marcin Kleczynski has been the CEO of Malwarebytes since 2008.
In 2018, Malwarebytes hired former CFO of Angi, Tom Fox, to serve as CFO for the company. In 2021 Tom was promoted to President, retaining the title of CFO in this new role.
In 2020, Malwarebytes promoted Chief Revenue Officer Barry Mainz to Chief Operating Officer after he scaled up global marketing, consumer and customer growth and customer success during his two-year tenure with the company.
In 2020 Malwarebytes recruited Dariusz Paczuski as senior vice president of marketing, he was promoted to CMO in 2021.
In 2021, former LogMeIn executive, Mark Strassman joined Malwarebytes as chief product officer.
Services and products
Kleczynski has stated that Malwarebytes, first developed in 2008, has a competitive advantage over many other traditional antivirus programs, many of which were developed in the late 1990s, before the development of many later forms of malware.[6] The New York Times has described Malwarebytes as a "hybrid of heuristics, behavior and a signature engine that is designed to detect and block malware that other vendors can't detect".[10] According to Dean Takahashi of VentureBeat, Malwarebytes complements other antivirus software from vendors such as Symantec and McAfee, with the anti-malware working alongside other anti-virus software to attack the problem from "different directions", remarking that the software both removed infections from infected machines, whilst preventing others from becoming infected in the first place.[8]
As in the early development days with RogueRemover, Malwarebytes continues to support community feedback on its products, and runs two sub-forums complementing the main forum, known as "False positives" and "Malware contribution", with the false positives being reported allowing the company to update its database within hours of posting, and the Malware contribution allowing for users to quickly report malware missed by the software.[6][9]
Products
Malwarebytes has several products, which as of 2011[update] were available in 36 different languages. Malwarebytes Anti-Malware offers two different versions, one for free download for home computers, and the other a professional version, with a 14-day free trial in advance, offering "real-time protection against malware, automated scanning, and automatic updating".[10] Malwarebytes Anti-Malware Mobile is a free Android app which protects smartphones from mobile malware, preventing unauthorized access to personal data identifying tracking applications.[23] It has a rating of 4.4 on the Google Play store.[needs update][24]
In 2014, the company launched Malwarebytes Anti-Malware 2.0 with an improved user interface and dashboard.[25] The company also launched Malwarebytes Anti-Exploit in the same year, which shields selected applications from attacks by "exploit mitigation to protect vulnerable programs".[4] Anti-Exploit also comes in a free and paid for version for Windows computers. The free version stops exploits in browsers and Java, whilst the paid product adds protection for a wider range of software applications.[26] Anti-Exploit received four stars from PC Magazine in 2015[27] and won V3 magazine's "Security Innovation of the Year" award in 2014.[28]
In 2016, Malwarebytes Anti-Exploit was merged into the premium version Malwarebytes version 3.0, and the standalone application is now offered only as a perpetual beta.[29]
In January 2016, Malwarebytes unveiled Malwarebytes Endpoint Security, advanced anti-ransomware technology which is described as the "first solution to offer multiple layers of protection against unknown ransomware". The company sponsored a survey with Osterman Research into 540 firms in the United States, United Kingdom, Canada and Germany and found that nearly 40% of companies had experienced ransomware incidents, of which 34 percent had accounted for loss of revenue.[17] The Guardian reported that one-fifth of British companies had been charged over $10,000 to unlock their files and that there was an increasing demand for anti-ransomware technology.[30] After Endpoint's inception, the beta was reportedly downloaded by some 200,000 businesses and consumers in the first six months of the year.[17]
In 2017, Malwarebytes expanded its portfolio to include mobile products for Mac and Android including Malwarebytes for Android and Malwarebytes for Mac. Malwarebytes also can be ran on ChromeOS, but mainly provides protection against Android threats. [31] Malwarebytes also released Malwarebytes for iOS in 2018 to deliver secure and private mobile experiences for its users. Due to Apple's security restrictions, Malwarebytes for iOS can not remove malware, but does provide basic web protection and spam blocking. [32] In 2020, Malwarebytes Privacy, a VPN offering, was launched.
In 2018, Malwarebytes expanded its business portfolio by launching Malwarebytes Endpoint Protection and Response to monitor, identify and remediate attacks. This offering was extended in 2020 to include server protection for enterprise customers with Malwarebytes Endpoint Detection and Response for Servers and Malwarebytes Endpoint Protection for Servers. In 2020, Malwarebytes also launched Malwarebytes Nebula, a cloud platform for enterprise customers to simplify endpoint management and reporting.
Malwarebytes also has numerous tools such as a Junkware Removal Tool to remove adware, an Anti-Rootkit Beta to remove and repair rootkits, StartUpLITE to boost the speed of the Windows reboot, FileASSASSIN to prevent locked files and a Malware Removal Service to support organizations under an active malware attack.[4]
License and privacy
The software license[33] requires arbitration "in the county where you reside", forbids class action suits, reverse engineering and sharing, and limits warranties and liability. Even the free version may not be shared, since the company tracks use of the product separately for each user.
Malwarebytes' privacy policy[34] lists many types of information they collect and store, including, amongst other things, software running on a user's computer ("programs installed or in use"), "name, email address, mailing address, or phone number... company name, company size, business type... Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site ... operating system, date/time stamp, and/or clickstream data ... type of device you use, operating system version, and the unique device identifier... language... 32- or 64-bit... Information from the Windows Security/Action Center, including security settings and programs installed or in use... license... the number of seats being managed by that installation of the console[,] Endpoint domain information... organization to which the IP address is licensed, if any".[35]
There are different limits on their use, sale, and sharing of data:
- No limits for what they call "non-personally identifiable information ('Non-PII')". "Non-PII ... may include... anonymously generated device identifiers",[35] which are tied to most other data items listed above.
- Limited uses for personally identifiable information (PII), including name, address, phone, company name, size and business type, "we do not share PII with third parties" except for situations listed in the Privacy Policy, which include that they "may disclose PII to government ... and private parties ... to satisfy... regulation ... subpoenas... to protect ... the public in general; ... to prevent or stop activity we consider to be illegal or unethical."[35] The company also discloses enough information to provide "advertising based upon your browsing activities and interests."[35]
In general, the company does not put time limits on how long they keep user data, except for IP address or when users ask for deletion of PII:
- "we do not retain the IP address... However, we do use it to gather ... continent, country, city, and approximate latitude/ longitude ... The type of connection (dialup/broadband/satellite/mobile) The ISP... The organization to which the IP address is licensed, if any".[35]
- "You may access and modify the PII [personally identifiable information]... If you want us to delete your PII... We will delete your information as soon as possible; however, some information may remain in archived/backup copies for our records or as otherwise required by law. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements."[35] They define PII to exclude device identifiers, so they do not promise to delete these identifiers and user history.
While Malwarebytes saves locations of IP addresses, including for mobile devices, the company has stated that this information is not used to extract GPS locations from mobile devices: "We do not ask for, access or track any location based information from your mobile device at any time while downloading or using our Mobile Apps or Services."[35] The company has not stated if they track antenna locations.
The company also collects detailed information on malware and exploits they find, tied to the user's license number and device identifier, "vendor... File path of exploit process... Command-line arguments passed to the exploit... (Potentially) a copy of the exploit executable itself".[35] The company does not list the license number as PII.
Malwarebytes has a certificate from TRUSTe, which among other things certifies the company "Limits the information collected and limits use to what is specified in the privacy notice."[36]
See also
References
- ^ "Developments – Cork Invest". CorkCity.ie. Retrieved 31 December 2017.
- ^ "Malwarebytes". LinkedIn. Retrieved 11 November 2017.
- ^ "Malwarebytes – Talent Community". jobs.Malwarebytes.com. Retrieved 31 December 2017.
- ^ a b c "Company Overview of Malwarebytes Corporation". Bloomberg. Retrieved 12 October 2016.
- ^ "Q&A: Marcin Kleczynski, CEO of Malwarebytes, on cybersecurity and startups". San Jose Mercury News. 18 July 2014. Retrieved 26 April 2015.
- ^ a b c d e f g "Interview with Malwarebytes' founder, Marcin Kleczynski". Techspot. 11 October 2012. Retrieved 12 October 2016.
- ^ a b c d "Malwarebytes grows out of downtown San Jose as demand for virus protection soars". Silicon Valley Business Journal. 16 June 2015. Retrieved 14 October 2016.
- ^ a b c "Malwarebytes quietly becomes a big player in anti-malware software – VentureBeat – News – by Dean Takahashi". VentureBeat. Retrieved 26 April 2015.
- ^ a b c d Lunden, Ingrid (21 January 2016). "Security Startup Malwarebytes Raises Another $50M From Fidelity". Tech Crunch. Retrieved 12 October 2016.
- ^ a b c "Malwarebytes Quietly Becomes a Big Player in Anti-Malware Software". The New York Times. 18 July 2011. Retrieved 12 October 2016.
- ^ Ellen Messmer (17 September 2012). "Malwarebytes offers enterprise anti-malware detection, prevention". Network World. Retrieved 26 April 2015.
- ^ "Malwarebytes Completes Acquisition of ZeroVulnerabilityLabs". 20 June 2013. Retrieved 12 October 2016.
- ^ Michael Kassner (21 October 2013). "Malwarebytes Anti-Malware Mobile now protects Android devices". TechRepublic. Retrieved 26 April 2015.
- ^ "Portable USB drive fixes malware-crippled machines". net-security.org. 2 October 2013. Retrieved 26 April 2015.
- ^ "Five billion strikes in five years for Malwarebytes". SC Magazine. 21 January 2013. Retrieved 14 October 2016.
- ^ Upbin, Bruce. "Marcin Kleczynski, 25 – In Photos: 2015 30 Under 30: Enterprise Technology". Forbes. Archived from the original on January 6, 2015. Retrieved 14 October 2016.
- ^ a b c "Malwarebytes Endpoint Security Now Protects Businesses Against Current and Future Ransomware Threats". BusinessWire. 3 August 2016. Retrieved 12 October 2016.
- ^ "Malwarebytes Sales Grow by 75 Percent in Q1". BusinessWire. 29 June 2016. Retrieved 27 October 2016.
- ^ "Proofpoint CEO Gary Steele Joins Malwarebytes Board of Directors". Digital Journal. 13 September 2016. Retrieved 12 October 2016.
- ^ "Malwarebytes acquires AdwCleaner". Ghacks.net. 21 October 2016. Retrieved 27 October 2016.
- ^ "Malwarebytes acquires Saferbytes". press.malwarebytes.com. 7 February 2017. Retrieved 7 February 2017.
- ^ Ng, Alfred. "Cybersecurity firms form coalition to fight stalkerware". CNET. Retrieved 2021-10-02.
- ^ "Malwarebytes Anti-Malware for Android". TechSpot. Retrieved 14 October 2016.
- ^ Malwarebytes. "Malwarebytes Anti-Malware – Android Apps on Google Play". Retrieved 26 April 2015.
- ^ "Malwarebytes Anti-Malware 2.0". PC Magazine. 14 December 2014. Retrieved 14 October 2016.
- ^ "Malwarebytes Anti-Exploit aims to stop unknown threats to Windows". ZDNet. 13 June 2014. Retrieved 14 October 2016.
- ^ "Review Malwarebytes Anti-Exploit Free: Malwarebytes Anti-Exploit Free". PCMag UK. 17 December 2014. Retrieved 26 April 2015.
- ^ "V3 announces winners of Technology Awards 2014". V3. Retrieved 26 April 2015.
- ^ Martin Brinkmann (12 December 2016). "Malwarebytes Anti-Exploit Standalone information - gHacks Tech News". gHacks Technology News. Archived from the original on 7 August 2017. Retrieved 12 August 2018.
- ^ "Ransomware threat on the rise as 'almost 40% of businesses attacked'". The Guardian. 3 August 2016. Retrieved 14 October 2016.
- ^ "Antivirus for Chromebook | Malwarebytes for Chromebook". Malwarebytes. Retrieved 2021-11-03.
- ^ "iOS Security - iPhone Call, Text, and Ad Blocker". Malwarebytes. Retrieved 2021-11-03.
- ^ "Malwarebytes Software License Agreement, undated". Retrieved 2017-03-14.
- ^ "Privacy Policy". Malwarebytes. Retrieved 2020-04-27.
- ^ a b c d e f g h "Malwarebytes Privacy Policy". 2016-12-08. Retrieved 2017-03-14.
- ^ "Privacy practices and standards, undated". Retrieved 2017-03-14.