Skip to main content

Second Chinese Antivirus Firm Cheated on Tests, Labs Say


A second Chinese antivirus maker may have cheated on independent assessments of its malware-catching capabilities, three evaluation labs said yesterday (May 5).

"Certain optimizations have been identified in Tencent products which are clearly designed to improve their ratings," said a statement jointly issued by the German lab AV-TEST, its Austrian counterpart AV-Comparatives and the British magazine and lab Virus Bulletin. "These optimizations, which have been found in all recent public versions of the products, provide minimal benefit to normal users and could even degrade the level of protection."

Tencent is a Chinese tech giant that runs the instant-message client QQ and the mobile chat service WeChat, the latter of which is available to Western users.

Last week, rival Chinese antivirus maker Qihoo 360 was accused by the labs of tweaking its own software that it submitted to the labs for evaluation. Qihoo countered that Tencent and another Chinese rival, Baidu, did the same thing — which now appears to be at least partly true.

MORE: Best Antivirus Software and Apps

Tencent did not immediately reply to a request for comment.

Last week, Qihoo was stripped of its first-place showing in AV-TEST's most recent round of Windows 8.1 antivirus evaluations, and its two antivirus products were removed from the list of evaluated products.  This morning (May 6), Tencent's two products had been removed as well. (Tom's Guide uses AV-TEST's protection scores in its own reviews of antivirus products.)

Qihoo and Tencent, along with Baidu (another Chinese tech behemoth), offer free antivirus software to the domestic Chinese market. Qihoo also distributes a free version of its antivirus software outside China. Unlike the domestic version, the "global" version of the Qihoo 360 software doesn't use Qihoo's own antimalware engine; instead, it defaults to Bitdefender's, which Qihoo licenses.

Qihoo submitted both the domestic and the export versions of its software to the labs for separate evaluations, but the labs say Qihoo altered the domestic version so that it also defaulted to the Bitdefender engine, which is consistently evaluated as one of the best.

The labs did not specify exactly how Tencent tweaked its own software. But last week, they said that "another company, not Qihoo, is optimizing their product to do well in our performance test by excluding certain files and processes from checking."

But ... but ... but ...

Tencent has not commented on the matter, but Qihoo has mounted a vigorous defense, offering several reasons for its own software "optimization."

Not only do other Chinese companies tweak their antivirus software before evaluations, Qihoo said, but the differences between malware engines don't really matter because "the behaviors of European/Western Internet users ... may be significantly different from those of Chinese Internet users."

Furthermore, Qihoo said, it told the labs what it was doing from the get-go, and Chinese users can’t handle Western malware engines because Chinese computers don't have as much "computing power" as Western machines.

"This configuration was explicitly declared upon submission of the tests, and was thereafter confirmed by the test labs," Qihoo said in a statement last week. "The majority of our users are running on lower computing power. To satisfy lab conditions, the consideration of power constraint was therefore discarded."

Yesterday, Qihoo said it would no longer submit software for evaluation by AV-TEST, AV-Comparatives or Virus Bulletin.

Cultural re-evaluation

Doug Young, a former Reuters correspondent who now lives and teaches in Shanghai and runs a website called Young's China Business Blog, wrote Monday (May 4), before the Tencent disclosure, that Qihoo's woes may foretell trouble for many Chinese companies trying to compete overseas.

"As Qihoo and its peers attempt to go global, they are quickly discovering that many of the things they do at home fall well below the standards set by global bodies, especially in the West," Young wrote. "This particular scandal involves what would normally be routine behavior for Qihoo in its home market."

Qihoo has been accused of closely tying its Web browser, a customized version of Internet Explorer, to its antivirus software, and making it difficult to uninstall one without uninstalling the other.

"Chinese consumers are used to this kind of double standard, but Westerners are far less forgiving of this kind of misleading behavior," he continued, adding that Qihoo recently announced it had 100 million users outside China. "That won't be too helpful for Chinese tech giants like Qihoo, Baidu, Xiaomi and Alibaba, which are all trying to show the world and investors that they can compete outside their highly protected home market where standards are often a bit lower."

Paul Wagenseil is a senior editor at Tom's Guide focused on security and gaming. Follow him at @snd_wagenseilFollow Tom's Guide at @tomsguide, on Facebook and on Google+.