Bitdefender

Bitdefender
Company type: Private
Industry: Computer software
Founded: November 6, 2001; 22 years ago
Founder: Florin Talpeș
Headquarters: Bucharest, Romania; Santa Clara, California
Area served: Worldwide
Key people: Florin Talpeș (CEO)
Products: Cybersecurity software
Services: Computer security
Revenue: 296 million (2022) [1]
Number of employees: 1,800+ (2023)
Website: www.bitdefender.com

Bitdefender is a multinational cybersecurity technology company dual-headquartered in Bucharest, Romania and Santa Clara, California, [2] with offices in the United States, Europe, Australia and the Middle East. [3] [4]

The company was founded in 2001 by the current CEO and main shareholder, Florin Talpeș. Bitdefender develops and delivers cybersecurity products and services, including endpoint protection, cloud and managed security, antivirus software, and security for the Internet of things. Bitdefender products are distributed through partners in over 150 countries [5] and the US market is estimated to generate more than 40% of its revenues. As of 2023, the company employed more than 1,800 people worldwide. [5]

History

Bitdefender software was originally developed by SOFTWIN, a company founded in 1990 in post-communist Romania. It was originally sold as AVX (Antivirus Expert) from 1996 until 2001, when the Bitdefender subsidiary was created, and AVX was rebranded under the Bitdefender name. [6]

In 2007, Bitdefender became a separate business entity with external capital entry, with Axxess Capital Investment Fund as a key shareholder.

From 2004 to 2015, the company expanded with offices in the United States, Germany, United Kingdom, Denmark, and the Middle East. [7]

In 2017, the company acquired French partner Profil Technology. [8] British fund Vitruvian Partners then bought a 30% stake in the company, putting its valuation over $600 million. [9]

In 2018, Bitdefender opened a new subsidiary in Australia, through acquisition of assets from SMS eTech. [10] That year, the company also acquired behavioral and network security analysis company RedSocks. [11]

Bitdefender opened its own Security Operations Center in San Antonio, Texas in 2019. Bitdefender signed a multi-year partnership deal with Scuderia Ferrari on September 28, 2022. [12] [13]

In April 2024, Bitdefender announced the launch of Bitdefender Voyager Ventures, a corporate venture capital unit. [14]

Products and services

Bitdefender's original product was sold as Antivirus Expert until 2001, when it was rebranded under the Bitdefender name. [6]

Since 2011, Bitdefender has expanded to include consumer and enterprise security products, and in 2021, an extended detection and response (XDR) platform. [15] Like most security suites, Bitdefender’s consumer services are managed through an online portal, called Bitdefender Central. [16]

In December 2023, Bitdefender launched Scamio, a free AI-powered scam detector. [17] [18] Bitdefender and NinjaOne announced a partnership in May 2024 to integrate their security software into a single product suite. [19]

Cybersecurity

The company joined the No More Ransom initiative in 2016, releasing free decryption tools for victims of ransom attacks to decrypt their devices without having to pay to do so. [20] [21] In 2018, Bitdefender joined the Cybersecurity Tech Accord. [22] [23]

Bitdefender’s 2020 research into the Interplanetary Storm botnet proxy network was provided to law enforcement ahead of the FBI dismantling the network in November 2023. [24]

Controversies and incidents

Trojan.FakeAlert.5

On March 20, 2010, computers running Bitdefender under 64-bit versions of Windows were affected by a malfunctioning update that classified every executable program as well as DLL files as infected. These files were all marked as 'Trojan.FakeAlert.5' and were moved into quarantine. This action led to software and systems malfunctions that affected users around the world. [25] Bitdefender representatives announced the removal of the faulty update and a workaround for the users affected, [26] except for those using the 2008 version. [27]

DarkSide ransomware

In 2021, Bitdefender was accused of self-promotion for releasing and publicly announcing a decryptor, to the detriment of victims of DarkSide, a hacking group. In 2020, DarkSide switched their main encryption ransomware product over to an "affiliate" model wherein other attackers could download and use their software in exchange for a portion of the profits. However, they introduced a bug in the process: affiliate hackers would all use the same private RSA key, meaning that a decryption package for a single target who paid the ransom would work on any target that had the ransomware installed. Security researchers noticed and were already quietly helping victims of the software, but with no public notice, so that the attackers would only see an inexplicable decrease in ransom payments that could be written off as chance.

Months later, Bitdefender publicly released a decryptor of their own development and issued a blog post describing the flaw, a move criticized in the MIT Technology Review. First, the article wrote that Bitdefender's program wasn't even safe: it was flawed and would "damage" files decrypted with it due to bugs within it, unlike the earlier decryptors that had been quietly used. Second, the blog post tipped off DarkSide as to the nature of the flaw, leading to the group sarcastically thanking Bitdefender and patching the bug.

A notable incident that took place after Bitdefender's public disclosure was the Colonial Pipeline cyberattack in May 2021. While the security researchers who had been using the flaw before acknowledge that it's probable DarkSide would eventually have noticed and fixed the issue, they still criticized Bitdefender for using the bug merely for a brief burst of publicity, rather than in the way that would most help victims of the scheme. [28] Bitdefender has defended their actions on their blog, saying that they only wished to make as many organizations as possible aware of the existence of the bug in DarkSide's ransom attacks. [29] The article and blog post triggered a discussion among cybersecurity professionals about the pros and cons of publicly disclosing such vulnerabilities in malware. [30]

Related Research Articles

Trend Micro: Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

ESET: Slovak internet security company

ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe, and the company provides security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages.

Avast: Czech security software company

Avast Software s.r.o. is a Czech multinational cybersecurity software company headquartered in Prague, Czech Republic, that researches and develops computer security software, machine learning, and artificial intelligence. Avast has more than 435 million monthly active users and the second largest market share among anti-malware application vendors worldwide as of April 2020. The company has approximately 1,700 employees across its 25 offices worldwide. In July 2021, NortonLifeLock, an American cybersecurity company, announced that it was in talks to merge with Avast Software. In August 2021, Avast's board of directors agreed to an offer of US$8 billion.

Ransomware is a type of malware that permanently blocks access to the victim's personal data unless a "ransom" is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Fortinet, Inc. is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

AVG Technologies: Brand of cybersecurity, privacy, performance and utility applications

AVG Technologies B.V. is a brand of cybersecurity, privacy, performance and utility software applications for desktop computers and mobile devices developed by Avast, a part of Gen Digital. AVG was a cybersecurity software company founded in 1991 and it merged into Avast following an acquisition in 2017. It typically offers freeware, earning revenues from advertisers and from users that upgrade to paid versions for access to more features.

Malwarebytes: Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

Kaspersky Lab: Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

Bleeping Computer is a website covering technology news and offering free computer help via its forums that was created by Lawrence Abrams in 2004. It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating system and general technology.

Avira Operations GmbH & Co. KG is a German multinational computer security software company mainly known for its Avira Free Security antivirus software. Although founded in 2006, the Avira antivirus application has been under active development since 1986 through its predecessor company H+BEDV Datentechnik GmbH. Since 2021, Avira has been owned by American software company NortonLifeLock, which also operates Norton, Avast and AVG. It was previously owned by investment firm Investcorp.

REvil was a Russia-based or Russian-speaking private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the information on their page Happy Blog unless the ransom was received. In a high profile case, REvil attacked a supplier of the tech giant Apple and stole confidential schematics of their upcoming products. In January 2022, the Russian Federal Security Service said they had dismantled REvil and charged several of its members.

Checkmarx is an enterprise application security company specializing in static application security testing (SAST) headquartered in Atlanta, Georgia in the United States.

Emsisoft Ltd. is a New Zealand-based anti-virus software distributed company. They are notable for decrypting ransomware attacks to restore data.

On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that afflicted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.

DarkSide is a cybercriminal hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack. The group provides ransomware as a service.

Kaseya: American software company based in Miami, Florida

Kaseya Limited is a company headquartered in Miami that develops software for network monitoring, system monitoring, and other information technology applications. It is majority-owned by Insight Partners and owns the naming rights to the Kaseya Center. The name of the company means "protect and defend" in the Sioux language. The company was estimated to be valued at $12 billion in April 2023.

On 2 July 2021, a number of managed service providers (MSPs) and their customers became victims of a ransomware attack perpetrated by the REvil group, causing widespread downtime for over 1,000 companies. The attack was carried out by exploiting a vulnerability in VSA, a remote monitoring and management software package developed by Kaseya. Two suspects were identified and one sentenced.

Log4Shell (CVE-2021-44228) is a zero-day vulnerability reported in November 2021 in Log4j, a popular Java logging framework, involving arbitrary code execution. The vulnerability had existed unnoticed since 2013 and was privately disclosed to the Apache Software Foundation, of which Log4j is a project, by Chen Zhaojun of Alibaba Cloud's security team on 24 November 2021. Before an official CVE identifier was made available on 10 December 2021, the vulnerability circulated with the name "Log4Shell", given by Free Wortley of the LunaSec team, which was initially used to track the issue online. Apache gave Log4Shell a CVSS severity rating of 10, the highest available score. The exploit was simple to execute and is estimated to have had the potential to affect hundreds of millions of devices.

Vice Society is a hacking group known for ransomware extortion attacks on healthcare, educational and manufacturing organizations. The group emerged in the summer of 2021 and is believed to be Russian-speaking. Vice Society uses double extortion and does not operate a ransomware as a service model.

Fortra is an American cybersecurity company based in Eden Prairie, Minnesota. The company was founded as Help/38 in 1982, rebranded as HelpSystems in 1988, and became Fortra in 2022. Fortra is owned by private equity firms TA Associates, Harvest Partners, Charlesbank Capital Partners, and HGGC.

References

  1. "Revenue of Bitdefender from 2006 to 2022", statista.com
  2. "About Bitdefender: Innovation in Cybersecurity since 2001". Bitdefender. Retrieved 30 September 2024.
  3. "Interview with Florin Talpes, CEO at Bitdefender". Archived from the original on 2 November 2013. Retrieved 20 July 2015.
  4. "About Bitdefender: Innovation in Cybersecurity since 2001". Bitdefender. Retrieved 11 October 2024.
  5. "Bitdefender Long Description". Bitdefender. Archived from the original on 5 February 2011. Retrieved 31 July 2017.
  6. "Definition of: Bitdefender". PC Magazine Encyclopedia. Retrieved 17 May 2019.
  7. "M&A alert. Vitruvian Partners buys stake in Bitdefender from Axxess Capital". Business Review (in Romanian). 1 December 2017. Retrieved 15 January 2021.
  8. "Romania's Bitdefender buys France's Profil Technology". seenews.com. Retrieved 15 January 2021.
  9. Ilie, Luiza (1 December 2017). "Vitruvian buys 30 pct stake in Romanian cyber security firm Bitdefender". Reuters. Retrieved 19 January 2023.
  10. "Romania's Bitdefender buys Australian partner SMS eTech". seenews.com. Retrieved 15 January 2021.
  11. Kass, D. Howard (23 October 2018). "Bitdefender Acquires Network Security Analytics Startup RedSocks in Expansion Push". MSSP Alert. Retrieved 26 July 2024.
  12. "Bitdefender Team Partner - Ferrari.com". www.ferrari.com. Retrieved 10 October 2022.
  13. "Bitdefender's Partnership with Scuderia Ferrari". Bitdefender. Retrieved 10 October 2022.
  14. Bains, Roshini (24 April 2024). "Cybersecurity firm Bitdefender launches CVC". globalventuring.com. Retrieved 5 August 2024.
  15. "Bitdefender GravityZone Business Security Enterprise Review". PCMAG. Retrieved 21 August 2024.
  16. "Bitdefender Ultimate Security Review". PCMAG. Retrieved 21 August 2024.
  17. Rees, Ali (13 December 2023). "Meet Scamio, Bitdefender's new free AI scam detector". ReadWrite. Retrieved 21 August 2024.
  18. "Bitdefender's Scamio Integrates With WhatsApp In Australia". 27 May 2024. Retrieved 21 August 2024.
  19. Zwets, Berry (28 May 2024). "NinjaOne strengthens Bitdefender integration for better endpoint security". Techzine Global. Retrieved 1 November 2024.
  20. Lakshmanan, Ravie (19 September 2022). "Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware". The Hacker News. Retrieved 8 August 2024.
  21. "What is a ransomware decryptor?". 10 January 2024. Retrieved 8 August 2024.
  22. "Signatories". Cybersecurity Tech Accord. Retrieved 26 July 2024.
  23. "Tech companies sign cyber accord". Information Age. Retrieved 26 July 2024.
  24. "District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice". www.justice.gov. 14 November 2023. Retrieved 19 July 2024.
  25. McMillan, Robert. "Bad Bitdefender Update Clobbers Windows PCs". PC World. Archived from the original on 27 October 2010. Retrieved 17 September 2017.
  26. "Trojan.FakeAlert.5 Update issue". Archived from the original on 24 March 2010.
  27. Peter Bright (22 March 2010). "Bitdefender update breaks 64-bit Windows PCs".
  28. Dudley, Renee; Golden, Daniel (24 May 2021). "The Colonial pipeline ransomware hackers had a secret weapon: self-promoting cybersecurity firms". MIT Technology Review. Retrieved 25 May 2021.
  29. Bitdefender's Position on Ransomware Attacks and Decryptors
  30. Schwartz, Samantha (21 September 2021). "Is there too much transparency in cybersecurity?". Retrieved 25 August 2023.
  31. Zehentmaier, Verena (1 March 2024). "AV-Comparatives Awards 2023 for Bitdefender". AV-Comparatives. Retrieved 11 October 2024.