SpyHunter anti-malware maker files lawsuit over bad review

Instead of changing their ways, or fixing their product, Enigma Software turned to their lawyers

scales of justice
Credit: Michael Coghlan

Bleeping Computer, one of the Web's largest self-help portals for computer problems, has been sued by Enigma Software Group after posting a bad review of their core product SpyHunter. The lawsuit was filed on January 8, but the review itself was written in 2014.

Enigma Software accuses Bleeping Computer of "false, disparaging, and defamatory statements" about SpyHunter. The post in question, made in September of 2014, offers a frank assessment of the product, and provides a number of links to support each claim.

Another core issue in the lawsuit is the fact that Bleeping Computer participates in a number of affiliate programs, including one that is ran by a competitor of Enigma Software – Malwarebytes.

As such, the lawsuit says, "Bleeping has a direct financial interest in driving traffic and sales to Malwarebytes and driving traffic and sales away from ESG."

While that claim is true at face value, the affiliate programs used by Bleeping Computer help keep the website online and they use affiliate links for a number of vendors, not just Malwarebytes.

Also, most of the comments that are critical of Enigma Software and SpyHunter exist because the company has gained a bad reputation over the years due to spam, as well as questionable detection rates.

"Bleeping not only has unlawfully benefited from its spear campaign to the detriment of ESG, it has damaged the reputation of ESG by refusing to take down its false and misleading statements which have been reposted numerous times on the other anti-spyware related forums and websites," the court document continues.

One of the more common complaints about SpyHunter and Enigma Software is that the product is promoted as free, when it really isn't.

It's a common trick, or a clever use of wording, and Enigma Software isn't the only company that does it. Enigma Software offers a scanner, and tells consumers so up front.

However, because other vendors (Malwarebytes, Panda, Norton, Kaspersky, Avast, etc.) offer removal options alongside their scanners at no cost, most people would expect the same from SpyHunter.

But that isn't what you get, and Enigma Software admits as much in their complaint against Bleeping Computer:

"ESG informs consumers that they also have the choice to buy a license to the full version of SpyHunter and provides consumers with a "Buy Now" link. The full version of SpyHunter includes the scanner, tools to remove the malware and other security protection tools."

Thus, users who download SpyHunter can scan their system for threats, but if they actually want to remove said threats, they'll have to pay a fee. Those who have paid, often find themselves unsatisfied with the results, or discover that the problem itself wasn't fully resolved.

Examples of these complaints can be located online (and listed below), but a good mix of them are on the BBB page for Enigma Software. While the BBB rating is A+, look at the complaints themselves and notice problems with removal, advertising, and billing for the product. The company has been forced to issue refunds numerous times over the years.

In a statement on Bleeping Computer, owner Lawrence Abrams, says the Enigma Software lawsuit is a SLAPP (strategic lawsuit against public participation) suit.

"The hallmark of a SLAPP suit, which is what we think this is, is to file a frivolous claim to try and silence your opponent," the statement explains.

"Enigma Software has a history of filing lawsuits to censor and bully people into removing reviews or opinions about their products... If BleepingComputer does not get the help we need and we lose this battle, it will only embolden Enigma Software to try to silence other bloggers, IT technicians, or computer security enthusiasts."

Bleeping Computer has started a fund to gather donations for their legal costs, one of the first donations made came from Malwarebytes, which sent $5,000 shortly after the campaign started.


On Complaints Board, the company has faced several consumer complaints over the years, either from billing issues or system related problems.

In another post on Complaints Board, Alec Malaspina, the VP of Technical Support for Enigma Software, scolds a user for their tone, and reminds them there is "a fine line between freedom of speech and libel defamation, so I strongly recommend prudence on your part."

The borderline threat of legal consequence was in response to a user complaining when SpyHunter couldn't remove Rogue Antivirus. The user went on to explain how Trend Micro flagged SpyHunter as malicious after Malwarebytes was able to remove the Rogue AV.

On Web of Trust, a consumer focused portal that allows users to leave reviews and details about a given website, Enigma Software has a low reputation score and most of it is geared towards reviews of SpyHunter.

There are a number of SpyHunter complaints to be found online as well, including one from Spyware Warrior in 2004, which says the product cannot be recommended to users "because of its mediocre performance as an anti-spyware scanner."

According to Spyware Warrior, from late-2002 until mid-2004, Enigma Software was blacklisted because of aggressive and deceptive advertising. One of the top complaints was that the company hijacked the name spybot for many of its online campaigns.

Complaints of spam:

A post from 2013 accuses the company of using fake security blogs to promote its software. The blogs are there to leverage common SEO techniques, and those who maintain the blogs are said to paid a commission for each new customer Enigma Software acquires.

Based on the post, it looks as if Enigma Software had an abusive affiliate program, but a recent search of the SpyHunter website turns-up no such offering to the public.

At the same time, the company did have affiliates in the past, and many of them were using spam tactics to promote SpyHunter. Moreover, a post on I.T. Mate outlines more than a dozen suspected spam affiliate websites for Enigma Software.

Somewhat related, the company doesn't like it when they can't ID the person making complaints about them. A screenshot taken of an old press release from Enigma Software says they will discuss issues in a public forum, but only if those talking provide their personal information.

Mirroring popular brands:

An independent self-help forum and website for security issues, MalwareTips.com, posted a warning to users late last year after a website using an alternate TLD caught their attention.

The alternate domain, MalwareTips.org, by all accounts looks like a clone of the original, but it only promotes SpyHunter software.

"We are currently aware of a scam site that tricks users into downloading dubious software, through aggressive and deceptive advertising," the MalwareTips.com warning states.

MalwareTips.com encouraged users to use bookmarks in order to ensure they arrive at the right domain, and to use caution when following self-help links on popular search engines.

They've used lawyers in the past:

In 2007, Enigma Software Group sent cease and desist letters to all of the major anti-Virus firms including BitDefender, Check Point Software, Fortinet, and Kaspersky. Prior to that, the firm went after Symantec (Norton 360) and Lavasoft. In each case, the AV vendor was flagging SpyHunter as a security risk.

Previous bad reviews:

While the most recent lawsuit is focused on a bad review at Bleeping Computer, that isn't the only bad review SpyHunter has earned.

A test performed in 2014 by AVLab ranked SpyHunter 4 and Enigma Software at the very bottom, noting that the product detected one (1) out of one-thousand (1,000) samples.

The report called SpyHunter the "worst scanner" of the group, which included Panda, Kaspersky, Trend Micro, Norton, and Malwarebytes.

Salted Hash has reached out to several of the major AV testing firms to gather any additional details on SpyHunter and how it has performed.

Given that the company claims to have a global presence, they've surely submitted themselves for testing somewhere. As the labs respond, this article will be updated with their answers.

  • AV-Comparatives: Has stated they've never tested SpyHunter before.

  • West Coast Labs:

  • ICSA Labs:

  • Virus Bulletin: Says they've never had SpyHunter in any of their tests, and Enigma Software has never submitted for testing.

  • NSS Labs:

  • Dennis Labs (UK):

  • AV-Test: Says they've checked their projects today, and cannot confirm that they've reviewed SpyHunter in any form recently or in the past. 

In addition, Enigma Software was contacted for comment, and we'll update with any additional information they may share.

Insider: These ransomware situations can result in colossal outcomes
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies