how to see if a mbam license key is legit?

[ParanoiaBoy]

hello everybody!

the question is: how do you know if a malwarebytes' license key is legit? some third party websites like Kinguin sell mbam keys that are usually lifetime keys and they even work! but, is it possible or where's the scam?

can a mbam key be "duplicated" or "pirated" ? how does that happen? how do you see if a key is genuine or not? are those sellers illegals for malwarebytes' corp. ?

thank you

[Malwarebytes]

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

• Download Malwarebytes Support Tool
• Once the file is downloaded, open your Downloads folder/location of the downloaded file
• Double-click mb-support-X.X.X.XXXX.exe to run the program
  • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
• Place a checkmark next to Accept License Agreement and click Next
• You will be presented with a page stating, "Welcome to the Malwarebytes Support Tool!"
• Click the Advanced Options link
  
  
   
• Click the Gather Logs button
  
  
   
• A progress bar will appear and the program will proceed to gather troubleshooting information from your computer
• Upon completion, click OK
• A file named mbst-grab-results.zip will be saved to your Desktop
• Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:
  
     
  
  
  Click "Reveal Hidden Contents" below for details on how to attach a file:
   
  Spoiler

  To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

  
   

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

• Renewals
• Refunds (including double billing)
• Cancellations
• Update Billing Info
• Multiple Transactions
• Consumer Purchases
• Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

[exile360]

Greetings,

All lifetime license sales were discontinued around 3 years ago when Malwarebytes switched over to a yearly subscription model so the only way for a vendor to have any lifetime keys would be if they still have copies of the old boxed retail Malwarebytes Anti-Malware product from that time period which at this point is pretty unlikely.

With that said, unfortunately there is no way to know for certain if what you are being sold is legitimate or not so the key, if it is pirated, could end up being blacklisted at any time once the Malwarebytes licensing system identifies abuse which is why it frequently occurs that such keys work for a while but then end up failing at some point because the licensing system notices that the key has been activated hundreds or thousands of times all over the world (an obvious sign that it is pirated) which could happen at any time and all depends on how many people they've sold or given that key to, where they got it (as they might be obtaining them from a key generator or from illegal downloads online that include pirated keys to activate them).  The only way I might even consider purchasing would be if they were selling sealed boxed retail versions which had the key sealed inside and provided me with the box, tape still intact/not re-sealed (though none of the vendors I've seen selling it do that; they're usually just selling keys meaning the source of the keys is likely not legit).

Because it is very likely to be fraudulent, I would highly recommend not purchasing from such vendors as the probability of their keys being legitimate and actually working for life is extremely low.  If you already purchased a key and want to check on its status, aside from just activating the software, you may contact Malwarebytes Support via the options on this page and they can lookup the key to see if it appears to likely be pirated or not and maybe just hasn't been blacklisted by the automated system yet (i.e. hasn't been activated enough times/in enough different places simultaneously yet).

Also bear in mind that Malwarebytes tends to be very generous when it comes to issues like this.  They don't want you to lose out if possible, and while they no longer issue any lifetime licenses, they often will offer at least a free year subscription for Malwarebytes 3 so that you still feel like you got something for the money you spent and don't end up without protection on your system even though they don't get any of the money you paid to the vendor when you bought the pirated lifetime license.

If there is anything else we might assist you with please don't hesitate to ask.  And just remember, if something sounds too good to be true, it probably is, and this is usually the case with these vendors claiming to still have legitimate lifetime licenses for Malwarebytes after 3 years of not being issued any more.

Thanks

[ParanoiaBoy]

thank you @exile360, i contacted the support to see if those keys are legit, i hope they are (but i guess they are not, in that i case i've learnt a lesson)

since i'm not tech savvy may i ask you, for curiosity reasons, where they got them from? i mean, in general, the process of "pirating" or "duplicating" stuff, they steal them?, they generate them?, how does that work, do you know it?

[exile360]

Usually how it is done is they analyze some legit/working keys and use custom software along the same lines of what a hacker would use to figure out passwords and they feed in the legit keys and the software eventually determines an algorithm or pattern to create working keys (i.e. keys that the Malwarebytes product will activate with/recognize as legit).  That said, the reason they usually have to sell the old style/format licenses which use both an ID and Key (the MB 1.x/early 2.x format) is because since 3.0 and the creation of the online license activation and management system, every key generated by the company is tracked and accounted for so the company has a copy of and documentation on every single key they issue now, so they know when it was created, who it was created for (i.e. which vendor, reseller or retail box product etc.) and can trace its entire history from when Malwarebytes created it to when it reached a customer after purchase.  The older keys weren't like that and were just created using the algorithm I mentioned so back then the software would activate and work with any key fitting the right pattern/algorithm.  So these scammers are generally using key generators which is that software tool I mentioned that spits out keys that will activate the software.

The trouble is, since Malwarebytes now keeps track of every valid key they create, it's much more difficult for the bad guys to create keys that will actually work long term.  They may work temporarily, but as soon as the system does a check on the key to validate it via Malwarebytes online database of known good keys, it has the potential to be flagged as pirated and blacklisted.  That said, I don't know if Malwarebytes has every invalid key automatically blacklisted right from the start or if they offer some kind of temporary grace period, though I suspect the latter otherwise the individuals selling these bad keys would probably stop offering them as they wouldn't work at all any more.  I also believe that they either automatically or manually flag/blacklist keys that show up more frequently more quickly (i.e. pirated keys that end up being used a ton of times all over the world, which is usually the result of some shady download via something like a Bittorrent client or warez site (a website where things like software cracks/keygens and pirated license keys are found; which often also contain malware of some kind, usually in the form of a Trojan, either in the crack/keygen itself or the special build of the pirated software they provide if such is required for their pirated license to work (i.e. a special cracked build of the pirated software which also includes embedded Trojan functionality to infect the systems it gets installed on with some kind of infection)).  Some of them even publish keys on places like YouTube, and because of this, those tend to be rather easy for the company and the automated license tracking system to spot as the more people who access and use a key, the more obvious it becomes that it is pirated.

Honestly, Malwarebytes always has been and continues to be far more lenient on piracy than most other vendors, and far more generous than they have to be given the license tracking system they now have in place.  The reason I say this is because based on the database I mentioned earlier where the system keeps track of every single key the company creates/issues for sale, they could just automate it so that none of these pirated keys would work to activate the software at all so that as soon as the system goes online, which it must do at some point to fully activate the license, similar to how you have to activate Windows online eventually even after entering a valid key, the system would know that the license being used is a fake/pirated key and could shut down protection and blacklist the key right then and there so that it could never be used to activate the software again.  But you don't hear about that sort of thing happening too frequently, and usually, at least based on what I've seen and heard from others, even when a user has a pirated key that they purchased, the company is really good about giving them a chance to go legit by giving them time to keep the paid features so that they can stay protected and then renew their license from a legitimate source to keep their protection after that.  Most companies just block all fake/pirated keys right off the bat and offer no such grace periods and expect anyone who uses a pirated copy/license to pay full price immediately if they wish to continue using the paid features.  I think that says a lot about where Malwarebytes' priorities are as a company that they're willing to sacrifice money like that and prioritize keeping people protected over trying to force them to pay immediately.

[ParanoiaBoy]

Perfect answer, thank you