Connect with us

Hi, what are you looking for?


Endpoint Security

Malwarebytes Scores Legal Win Over Enigma Software

Enigma Software, supplier of software known as SpyHunter, has a notice on its website: “Malwarebytes Inc., the maker of Malwarebytes Anti-Malware (“MBAM”) and AdwCleaner, is intentionally blocking SpyHunter and RegHunter for what we believe are competitive reasons… We have taken legal action against Malwarebytes and are seeking remedies for this unfair conduct.”

Enigma Software, supplier of software known as SpyHunter, has a notice on its website: “Malwarebytes Inc., the maker of Malwarebytes Anti-Malware (“MBAM”) and AdwCleaner, is intentionally blocking SpyHunter and RegHunter for what we believe are competitive reasons… We have taken legal action against Malwarebytes and are seeking remedies for this unfair conduct.”

Those legal remedies were dismissed by the District Court, Northern District of California, San Jose Division on November 7, 2017. 

The heart of the issue has been Malwarebytes’ determination that SpyHunter is effectively a PUP; that is, a potentially unwanted program. PUPs tend to be nuisances rather than specifically malware. They are often adware apps that are easy to install and difficult to remove, offering little practical value to the consumer. Malwarebytes has been one of the more aggressive endpoint protection vendors in its classification and removal of PUPs.

It does so with SpyHunter — and Enigma Software objected. Enigma’s legal complaint claimed that Malwarebyte’s actions were competitively motivated, and it asked the court for “Preliminarily and permanently enjoining Malwarebytes from programming MBAM to prevent the download and installation of SpyHunter or RegHunter;” adding a request for “punitive damages”.

In response, Malwarebytes requested the court to dismiss Enigma’s action, citing immunity under the Communications Decency Act — which states, “No provider or user of an interactive computer service shall be held liable on account of… any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected…”

The court agreed, confirmed Malwarebytes’ immunity, and dismissed Enigma’s case.

This doesn’t mean that SpyHunter is legally a PUP, only that Enigma cannot stop Malwarebytes from offering users the option to remove it under its PUP program.

Advertisement. Scroll to continue reading.

F-Secure’s Sean Sullivan commented, “We at F-Secure have our own PUP criteria in our efforts to do what’s best and right for our customers — and I’m comfortable that’s exactly the intentions of the folks at Malwarebytes. Fighting for their customers — good for them!”

Malwarebytes is delighted. “This is not only a critical win for Malwarebytes, but for all security providers who will continue to have legal protection to do what is right for their users,” blogged CEO Marcin Kleczynski yesterday. “This decision affirms our right to enable users by giving them a choice on what belongs on their machines and what doesn’t.”

It’s too early to tell whether this is the beginning of the end of the PUP problem. “I’m not sure how much difference isolated instances of case law will make in the short term,” comments ESET senior research fellow, David Harley, “but anything that tends to make monetization firms more answerable to the needs of the population as a whole — or at least that sector of the population whose interests the security industry aims to protect — is positive. It might be better in the long term, though, if the software distribution and monetization industries and the security vendors work out their differences in the context of the Clean Software Alliance. Well, we can but hope,” he added.

Luis Corrons, technical director at PandaLabs, is not sure that the battle can be won in the courts. “All PUP fights in court, win or lose,” he told SecurityWeek, “are a waste of time and resources for all of us. We could fight in court for ages and that won’t help anyone.”

Instead, he hopes for a solution via a relatively new organization, AppEsteem. “It is time to take a different approach in this field,” he continued. Here what AppEsteem is doing has the potential to be a game-changer that helps everyone: users not being bothered by software that does not behave properly, security vendors focusing only on protecting their users and software vendors making money by being transparent and offering real value to end users.”

AppEsteem’s president, Dennis Batchelder, is clear, however. The result from the courts is “great for security companies, but more importantly, this dismissal is a big win for consumers. Security companies can truly put protection first. This strengthens AppEsteem’s resolve to call out every deceptive app and drive a world where consumers are safe from fraud.”

Related: The Battle With “Potentially Unwanted” Programs in the Enterprise 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

A vulnerability affecting IBM’s Aspera Faspex file transfer solution, tracked as CVE-2022-47986, has been exploited in attacks.