Skip to main content

Malware Bites Malwarebytes: Company Forums Hacked

Even computer-security companies aren't immune to online attacks. Anti-malware maker Malwarebytes revealed last week that its user forums had been hacked into earlier on Nov. 10. Email notices were sent out around Nov. 20 asking users to reset their passwords. 

The hackers apparently exploited a vulnerability in the third-party service that hosts Malwarebytes' forum. Nevertheless, personal information does not seem to have been stolen, and Malwarebytes' main website was not affected by the hack,  company founder Marcin Kleczynski told users in the forum.

MORE: Best Free Antivirus Software 2014

Malwarebytes' forums, located at, are run by a company called Invision Power Services, using a platform called IP.Board.

"Invision is known for having vulnerabilities and gets exploited all the time; unfortunately, we fell victim to that," wrote Kleczynski in a statement on the forums

Some users then criticized Malwarebytes for using a third-party service to host its forum. There's no evidence that the hackers took any personal information, but Malwarebytes is still requiring users to reset their passwords. Some forum users have also reported that the forums went offline for a brief time on the evening of November 21.

This forum is separate from Malwarebytes' main website,, which was not affected by the hack, Kleczynski said.

Malwarebytes is best known for its software Malwarebytes Anti-Malware Free, which specializes in catching rare and destructive malware on users' PCs.

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+Follow us @tomsguide, on Facebook and on Google+.

  • Nerdtopia
    Pretty ironic that the creators of one of the most popular anti-malware software gets hacked. xD
  • Bhaskar Cdhary
    I read about IPB's new vulnerability then I tried to report it to malwarebytes but there was no place to contact them for this type of problem. I reported it at the form of reporting bugs with Malwarebytes and they replies me with a huge paragraph asking to post in forum at proper place. Then I left them. Why should I work so hard. And few days later, it was hacked.