Several years ago, I blogged that we would be increasing how aggressive we would be in detecting Potentially Unwanted Programs (PUPs) and our fantastic malware intelligence and research teams have delivered on that promise. Last year, we removed approximately 500 million traces of PUPs per month!
In response, a lot of the PUP developers are making efforts to circumvent our criteria and continue distributing their damaging software to users. This is why we are getting even more critical about what we call a PUP, and what we are going to be detecting and removing from user systems.
Earlier this morning, Malwarebytes posted a revision to the criteria that we use to identify PUPs. These changes are to help continue that fight against products and companies that scam users on the Internet.
Our efforts have resulted in making users’ systems safer and more productive by removing these kinds of software. Unfortunately, we have also received a lot of negative attention from the PUP developers. This has resulted in backlash ranging from nasty blog posts and comments from fake profiles defending the products to, of course, a mountain of letters with legal letterheads demanding that we stop.
Now some people might think of this as something that would slow us down, but we see it as proof that we are making a dent in the development and distribution of PUPs.
You can learn more about our new PUP criteria here.
Marcin: Good post, but I am wondering – during your long walks on beaches, how do you avoid the fish?
Marcin, I have never understood why security companies avoided dealing directly with PUPs. They are infections and instead of being PUPs, I have always viewed them as PUSS. Instead of Potentially >> Positively Unwanted Surreptitious Software or whatever one may feel fits best. I, however, hope you not are limited by law with respect to any of the definitions you posted in the explanation. Otherwise, you have certainly bitten off a big chunk. I will recommend that all of my friends, relatives, and those who ask me about security, buy your product if I am convinced it meets the tests. Over the years I have dealt with PUSS – starting with Windows 3.0. I think that it is more insidious than the more – uh – nefarious programs, including ransomware.
It’s complicated.
I reported a big developer who has been abusing their Developer ID and has 7 pieces of Malware in their 2 macOS apps (the malware changes Safari homepage, search and adds extensions, and displays ads, does it to other browsers also) and they have been doing so for a few years now, the malware, Malwarebytes for Mac detects