Malwarebytes quietly becomes a big player in anti-malware software

Chances are you haven’t heard about Malwarebytes. The company has quietly become a force in security technology, achieving more than 100 million downloads of its anti-malware product since 2008. Now the profitable company is adding a million users monthly for its Malwarebytes software, which cleans infections off computers.

That growth rate — fueled all by word of mouth — has been possible because of the combination of the explosion in malware and the popularity of the freemium model, where users can get a measure of protection for free and pay extra for premium service. Over time, the San Jose, Calif.-based company says it has detected more than 5 billion pieces of malware during its history.

“The big antivirus companies started 15 years ago, but our solution is less than three years old and it is built to deal with the problems we have today,” said Marcin Kleczynski (pronounced Kleh-chin-ski), founder and chief executive of Malwarebytes. (He is pictured below).

Malwarebytes works alongside antivirus software from vendors such as Symantec and McAfee. Like using a seatbelt and an airbag together, antivirus and anti-malware go together because they attack the problem from different directions. Malwarebytes cleans off machines that are already infected, while the pro version stops your machine from getting infected in the first place. Generally, the company can push out a fix for a particular piece of malware within an hour of discovery. That’s important because malware can spread to thousands of people within five minutes. And that’s one reason why the big antivirus vendors recommend it.

The company traces its roots back to 2004, when Kleczynski was working as a computer technician and found that machine after machine had been disabled by malware. His own home PC got infected and he took to the internet forums to get advice about fixing it. That took more than three days.

Kleczynski started building a Rogue Remover anti-malware program and released it in 2006. By 2008, the company formally incorporated and spruced up its user interface. In late 2008, Kleczynski brought aboard security and e-commerce expert Marcus Chung as chief operating officer and moved to San Jose.

The company has been profitable from the outset and hasn’t raised money. Today, Malwarebytes says it is opening a European office (headed by Fernando Francisco) and is announcing it has acquired hpHosts, which tracks blacklisted websites, ad servers, and tracking servers. That deal ensures that Malwarebytes protects against the newest malevolent internet protocol addresses and blocks the web servers that are used to distribute malware. hpHosts also uses the blacklist to persuade internet service providers to shut down malware-producing servers.

“The point is we can protect the internet community as a whole by stopping malware from being distributed to millions of people,” Kleczynski said.

Rivals include Lavasoft, Spybot, SUPERAntiSpyware, and Prevx (owned by Webroot). Malwarebytes says its detection engine is newer and more innovative because it doesn’t require a huge manual effort from security researchers to identify and counteract new malware. It is a hybrid of heuristics, behavior and a signature engine that is designed to detect and block malware that other vendors can’t detect.

“This is a significant step in the growth of Malwarebytes,” said Marcin Kleczynski (pronounced Kleh-chin-ski,) Malwarebytes founder and CEO, in an interview.  “We acquired a key technology to expand our product features, expanded operations into the EMEA region, and our momentum is clearly growing with more than one million new users every month.”

Malwarebytes comes in two versions: a free download that cleans consumer computers of malware as well as a professional version which offers real-time protection against malware, automated scanning, and automatic updating. The pro service has a 14-day free trial. Roughly 2 million or so pro versions have been sold.

The company has earned itself some die-hard fans, such as Sylvain Chamberlain-Nyudo, an artist, sculptor and painter who previously worked as a software developer. Chamberlain-Nyudo, who lives near Tupelo, Miss., searches the internet all day long for imagery and research for ideas that can become the foundations of paintings. And that means he gets hit with Trojans and other malware that are planted in those pieces of art. Quite often the antivirus software doesn’t do any good. With Malwarebytes, Chamberlain-Nyudo can disable those attacks and fix the problems. And the anti-malware software also allows him to block the offending sources of the attacks.

“I have used malwarebytes in its various forms for some years now,” said John Casaretto, an enterprise technology consultant.  “I definitely heard about it through word of mouth and later used it in advanced malware cleaning and found it to be the best tool of its kind there is – bar none.”

The challenge now is keeping up with the pace of malware, with new 2,000 to 3,000 new pieces coming out every hour. Malware now is harder to perceive, working quietly in the background as a user does other tasks. And much of it comes from China and Russia and has roots in organized crime.

Malwarebytes is available in 36 languages and is available in a wide array of retail stores. The company has less than 40 employees. At some point, the company will move into both the enterprise and mobile markets. Kleczynski said the company’s goal is to hit 223 million downloads and more than 5 million units sold by 2013. At the current rate of growth, that’s possible.

Charles Kolodgy, an analyst at IDC, said that the endpoint security technology market — which includes anti-malware software — is expected to grow 8 percent this year to $7 billion.

“We don’t have hundreds of researchers,” Kleczynski said. “We reduced the problem by creating a smart engine, where we only have to add maybe 50 digital fingerprints a day. We reduce the problem to a more manageable size and move quickly.”