The Chinese antivirus vendor Qihoo 360 has committed fraud during several antivirus tests of the three largest virusscanner test organisations. Last Sunday the test organisation AV-Comparatives announced that it had started an investigation against an antivirus vendor that supplied a scanner that was specifically prepared for the test laboratories.
According to the 3 test laboratories, Qihoo 360 committed fraud and therefore all reviews and certifications that Qihoo received this year will be withdrawn.
Virusscanner can use one or multiple engines to detect malware. During investigation it was found that all products supplied by Qihoo 360 for antivirus tests used he engine of the Romanian antivirus company Bitdefender by default, while Qihoo’s own engine was disabled. In the products Qihoo 360 sells to customers, this is the opposite, Bitdefender is disabled by default and Qihoo 360’s own engine is used by default.
This means users are less protected and have a higher risk of false positives. Users can change the settings to another engine in Qihoo but in reality this is hardly done, according to the 3 testlabs.
During the investigation of Qih00 360, the Chinese company accused also two other Chinese antivirus vendors from committing fraud, namely Baidu and Tencent. In the code of these antivirus vendors the labs indeed found their names and routines that could cause the software to behave differently during tests, however there is no proof this was in the advantage of the scanners of these vendors. In some cases this even proved to be a disadvantage.
In addition, also Qihoo 360 changed its routines when it detected it was in a testlab. Qihoo confirmed that it changed settings specifically for the tests and that these are indeed different from what it sells to consumers. To prevent fraud in the future, the three test labs will impose stricter requirements on the antivirus vendors.