
ChronoPay attempted to reverse engineer Malwarebytes


Malwarebytes has certainly been getting a lot of attention from other companies. In 2009, IOBit decided to take advantage of Malwarebytes' definition files by implementing them into their own. Malwarebytes quickly caught wind of this and accused Chinese software firm IOBit of reverse engineering its malware signatures. This of course brought about a lot of commotion and IOBit received a lot of negative press. Thankfully, they finally did the right thing and removed Malwarebytes' definitions from their own definitions.

Recently, ChronoPay revealed to security researcher and journalist Brian Krebs that they've hired programmers to reverse engineer the free version of Malwarebytes in an attempt to create their own anti-virus solution. Upon learning this, the researcher published screenshots from a ChronoPay internal system showing that they deal with distributing scareware, selling pirated music, running illegal online pharmacies and much more. When confronted about this, ChronoPay released an official statement denying any involvement in the distribution of scareware. "We assure both our customers and competitors that we have no involvement at all with scareware or malware and warn anyone attacking our company with lies and rumor that we will put the full weight of our company behind the appropriate legal response."

ChronoPay may be attempting to find a way of evading the Malwarebytes product since they deal with distributing scareware. Another possibility is that they're interested in the code to use for one of their own products that they may release in the future. Either way, attempting to reverse engineer someone else's intellectual property without permission is never good news.


It seems this story has got a little garbled as it travels round the Internet.

ChronoPay is actually Russia's largest online payments processor (i.e. credit card transaction processor). However, amongst the transactions ChronoPay handles are payments for rogue AVs, online "pharmacies", etc.

As Brian Krebs himself has said in ChronoPay’s Scareware Diaries:

ChronoPay handles Internet bill payments for a variety of major Russian companies, including domestic airlines and utilities. But ChronoPay also specializes in processing the transactions of so-called “high-risk” industries, including online pharmacies, tobacco sales, porn and software sales. A business is generally classified as high-risk when there is a great potential for credit card chargebacks and a fair chance that it will shut down or vanish without warning.

What Brian actually reported about Malwarebytes was:

When I visited Vrublevsky in Moscow in February, he told me of plans to launch a ChronoPay-branded anti-virus solution, and many of the documents included in this section of ChronoPay’s MegaPlan installation are technical papers referencing the development of different anti-virus software modules. The documents suggest that the company has hired programmers to reverse-engineer the free version of the commercial anti-malware product Malwarebytes.

Brian Krebs is himself well-known and well-respected as a Computer Security researcher. He wrote for the Washington Post for about 14 or 15 years.



Co-founder of ChronoPay, Pavel Vrublevsky, has been arrested on other charges.

According to Brian Krebs' blog:

Russian authorities on Thursday arrested Pavel Vrublevsky, co-founder of ChronoPay, the country’s largest processor of online payments, for allegedly hiring a hacker to attack his company’s rivals.




Report neutrally and stop pushing an agenda with phrases such as "Thankfully, they finally did the right thing" and "Either way, attempting to reverse engineer someone else's intellectual property without permission is never good news."

Intellectual property is a term that refers to copyright, patents and trademarks, and other stuff. Patents can't be reverse-engineered as they are already open for everyone to see since USPTO publishes them. Trademarks can't be reverse engineered. So stop using the term IP when it's not appropriate.

Reverse engineering is legal unless you have waived your rights to do so by signing a contract/license.
