Feeds

Were Lavasoft's buyers once on its hit list?

Shining a light on Solaria acquisition

Build a business case: developing custom apps

Anti-spyware company Lavasoft AB is now owned by a set of online entrepreneurs who have been linked with misleading websites.

The Montreal-based entrepreneurs, who purchased the company's assets in January, have previously been accused of selling the free versions of Lavasoft products to unwitting internet users as recently as 2007 via cyber-squatting sites.

Lavasoft, originally based in Sweden, was purchased by an investment fund called Solaria in January, but no other holdings can be found for Solaria. In fact, the only ties that Solaria has are to the founders of Upclick, an affiliate marketing company. The founders of this company have also founded companies that sold online porn, reskinned peer-to-peer filesharing software, and allegedly "skimmed" online sales, charging customers for software that they did not order.

Solaria bought Lavasoft on 18 January 2011. Its listing in Businessweek reveals that it began operating as a subsidiary of Lulu Software after the acquisition, and is now also known as LVS Software. Lulu Software is registered as 7270356 Canada Inc in Montreal (4-page PDF/163KB).

Its major shareholder is a corporation called 7104189 Canada (1-page PDF/191KB), whose directors are Charles Dadoun and Daniel Assouline – also the directors of affiliate marketing company Upclick.

Shortly after the acquisition, other evidence of links between Lavasoft and UpClick began to surface. Calin Ioan Udrea, the former director of marketing for UpClick, relisted himself on LinkedIn as the director of marketing for Lavasoft in February.

Bad boys done good?

Dadoun and Assouline have a long history when it comes to internet marketing. They are also the men behind Interactive Brands, an affiliate marketing firm listed as the registrant of multiple domains linked to fraudulent activity, including spyware, and fake geneology sites. Interactive Brands was selling Lavasoft's Ad-Aware in 2007 using a variety of domains, including adaware-ib.com. This domain was listed in a Rip-off Report complaint by a customer who found the site in a web search, purchased Ad-Aware through it, and who said that he was charged for extra software that he did not ask for.

Interactive Brands also operated sites that drew attention from legitimate players in other markets. One was searchyourgeneology.com, which was reported by legitimate geneology site Ancestry.com in 2008. Ancestry.com said, in a 2008 post: "Potential customers are lured to purchase under what we feel to be false, misleading and deceitful promotional material, and get little or no value out of money spent at the websites. Blog and message board posts from the community confirm this opinion."

Lulu Software's current CEO, Eric Gareau, lists himself on his LinkedIn page as the president of Interactive Brands from 2006 until 2010, providing a further link between Lulu Software and Dadoun and Assouline.

At least one of the websites operated by Interactive Brands and selling Ad-Aware was registered to Steve Dimech, who is listed as a board member of LVS Software (2-page PDF/62.1KB).

Ad-aware2007.com, which was selling Ad-Aware to customers in 2007, was at the time registered to Dimech.

Assouline and Dadoun also operated an ecommerce credit card processing company called Market Engines, based in Montreal. The company operated a panoply of websites, such as Download-It-Free.com, FreeMP3Lover.com, Mp3MusicAccess.com and eMuleCenter.com. Market Engines operated a call centre to help sell users reskinned software that was available to users for free elsewhere. The company justified it at the time by claiming that the money charged was for "technical support".

Market Engines claimed to be owned by Malta-based MP3 Networks, which also had offices in the Caribbean, and which was set up in July 2004, five months before Market Engines started business. The director of MP3 Networks was Charles Assouline, now also listed as a board member for LVS Software AB, Lavasoft's registered company name.

Sites operated by Dadoun and Assouline's companies have recently been listed as "high risk" by URL-scanning services including McAfee's SiteAdvisor. Netspyprotector.com is listed on the reputation analysis site MalwareURL as a site offering access to rogue software. Although the Netprotector domain is now privately registered, its contact page still shows it as belonging to MP3 Networks Ltd at its Caribbean address.

Both of these domains are hosted at 63.243.188.110. Other domains hosted at this IP include error-doctors.com, which McAfee calls a high-risk, malicious site, due to marketing/merchandising practices. This is registered at 48/4 Amery Street, Sliema SLM 1701, which is the same address now listed as a contact address for Lavasoft in Malta, following the Solaria acquisition.

Others registered to Market Engines at Maltese addresses – hosted at the same IP address – and receiving suspicious site ratings, include myxptools.com (WOT rating, McAfee rating), thenuker.com (WOT, McAfee), and easy-antivirus.com (WOT, McAfee).

The technical contact for all these sites is listed as another Dadoun – Stephane – with an Upclick.com email address. Stephane Dadoun is listed on Linkedin as IT director at Upclick.

The 63.243.188.110 address is in a block owned by a hosting firm called Rack Engines. Rackengines.com is also registered to Market Engines at the Maltese address. Its ARIN records show David Dadoun as a contact.

Endpoint data privacy in the cloud is easier than you think

Next page: Follow the money...

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?