Recently, a threat actor created a fake Malwarebytes website that was used as a gate to the Fallout Exploit Kit, which distributes the Raccoon stealer. The domain malwarebytes-free[.]com was registered on March 29 via REGISTRAR OF DOMAIN NAMES REG.RU LLC and is currently hosted in Russia at 173.192.139[.]27. Below is an image from Malwarebytes lab that shows the fake copied website. It was distributed via malvertising.