Friday, February 5, 2016

Enigmasoft v. Bleeping Computer - an unbiased review

As you may have heard, Enigma Software (enigmasoft) is suing computer help site Bleeping Computer for what is essentially a bad review.  The lawsuit alleges that many of the contributors knew that Bleeping Computer received affiliate money for recommending MalwareBytes, a competing program.  It further alleges that the reviewers on the site told people not to buy SpyHunter based on saying it had been classified as "rogue software" (which was once true) and that Enigma had been accused of misleading business practices (also true).  They further claim these issues had been resolved at the time of the review being published and the user who recommended MalwareBytes over SpyHunter based on this information he found on the Internet caused the company material harm in excess of $75,000.  I'm paraphrasing a little here, read the lawsuit to get all the details.

Enigma Software Website
I guess the only kind of bad publicity is no publicity at all.  I'll say that prior to this lawsuit, I'd never heard of Enigmasoft or their "flagship" security product SpyHunter.

HTTP login form? Seriously?!
One look at their website was more than enough to tell me that for a security company, they sure don't take security seriously.  The customer login form is available from an HTTP site.  When working with clients at Rendition Infosec, we sometimes see these forms redirect to an HTTPS site. But even then it isn't safe.  If a user connects to the form over HTTP, he could change the destination of the form or use JavaScript to steal the information before sending it to the original destination.

Even their dedicated login page at www.enigmasoftware/myaccount/ uses a POST to an HTTP site.  Any company should know better than this in 2016. But for a company that sells security software for a living, using an HTTP based login form is inexcusable.

Okay, HTTP logins... But how well does it detect malware?
Website aside, the SpyHunter software isn't particularly effective at detecting malware either.  I had several hundred malware samples on the virtual machine, ranging from the wiper malware that hit the Ukrainian power networks to some random stuff I downloaded months ago with maltrieve.  What were the detection results?  Not good.

SpyHunter can find cookies!
It turns out that SpyHunter can find cookies, particularly tracking cookies, like it's nobody's business.  It labels them as threats, which is arguably true.  Most people would probably prefer no tracking cookies be installed.  But would you pay to remove them when many free programs remove them too?  Of course not.  Shouldn't the SpyHunter program also find at least some of the well known malware on my machine too?  Of course it should.

No commission here
Let me be clear that I don't receive commission from any antivirus company for writing positive or negative reviews.  One of my Rendition employees took a look at the overall security of the SpyHunter program (stay tuned for more on that).

When it comes down to brass tacks, results are results.  My personal opinion is that if SpyHunter can't find well known malware, then it probably isn't worth paying for.

Is this a bad review?  Yep, damn skippy.  And well deserved too.  Is Enigma going to sue me for it?  I hope they know better.  This turtle says it better than I ever could...


  1. I have used Kaspersky protection for a few years, and I recommend this antivirus to all you.

  2. In this post, I talk about the God Enigma, a topic which you all know can never be effectively described, but there is much that can be described. There is a God, but not one you would probably be familiar with, since the real characteristics of God is not well-known. crossword puzzle help


Note: Only a member of this blog may post a comment.