Feeds

Were Lavasoft's buyers once on its hit list?

Shining a light on Solaria acquisition

Using blade systems to cut costs and sharpen efficiencies

Anti-spyware company Lavasoft AB is now owned by a set of online entrepreneurs who have been linked with misleading websites.

The Montreal-based entrepreneurs, who purchased the company's assets in January, have previously been accused of selling the free versions of Lavasoft products to unwitting internet users as recently as 2007 via cyber-squatting sites.

Lavasoft, originally based in Sweden, was purchased by an investment fund called Solaria in January, but no other holdings can be found for Solaria. In fact, the only ties that Solaria has are to the founders of Upclick, an affiliate marketing company. The founders of this company have also founded companies that sold online porn, reskinned peer-to-peer filesharing software, and allegedly "skimmed" online sales, charging customers for software that they did not order.

Solaria bought Lavasoft on 18 January 2011. Its listing in Businessweek reveals that it began operating as a subsidiary of Lulu Software after the acquisition, and is now also known as LVS Software. Lulu Software is registered as 7270356 Canada Inc in Montreal (4-page PDF/163KB).

Its major shareholder is a corporation called 7104189 Canada (1-page PDF/191KB), whose directors are Charles Dadoun and Daniel Assouline – also the directors of affiliate marketing company Upclick.

Shortly after the acquisition, other evidence of links between Lavasoft and UpClick began to surface. Calin Ioan Udrea, the former director of marketing for UpClick, relisted himself on LinkedIn as the director of marketing for Lavasoft in February.

Bad boys done good?

Dadoun and Assouline have a long history when it comes to internet marketing. They are also the men behind Interactive Brands, an affiliate marketing firm listed as the registrant of multiple domains linked to fraudulent activity, including spyware, and fake geneology sites. Interactive Brands was selling Lavasoft's Ad-Aware in 2007 using a variety of domains, including adaware-ib.com. This domain was listed in a Rip-off Report complaint by a customer who found the site in a web search, purchased Ad-Aware through it, and who said that he was charged for extra software that he did not ask for.

Interactive Brands also operated sites that drew attention from legitimate players in other markets. One was searchyourgeneology.com, which was reported by legitimate geneology site Ancestry.com in 2008. Ancestry.com said, in a 2008 post: "Potential customers are lured to purchase under what we feel to be false, misleading and deceitful promotional material, and get little or no value out of money spent at the websites. Blog and message board posts from the community confirm this opinion."

Lulu Software's current CEO, Eric Gareau, lists himself on his LinkedIn page as the president of Interactive Brands from 2006 until 2010, providing a further link between Lulu Software and Dadoun and Assouline.

At least one of the websites operated by Interactive Brands and selling Ad-Aware was registered to Steve Dimech, who is listed as a board member of LVS Software (2-page PDF/62.1KB).

Ad-aware2007.com, which was selling Ad-Aware to customers in 2007, was at the time registered to Dimech.

Assouline and Dadoun also operated an ecommerce credit card processing company called Market Engines, based in Montreal. The company operated a panoply of websites, such as Download-It-Free.com, FreeMP3Lover.com, Mp3MusicAccess.com and eMuleCenter.com. Market Engines operated a call centre to help sell users reskinned software that was available to users for free elsewhere. The company justified it at the time by claiming that the money charged was for "technical support".

Market Engines claimed to be owned by Malta-based MP3 Networks, which also had offices in the Caribbean, and which was set up in July 2004, five months before Market Engines started business. The director of MP3 Networks was Charles Assouline, now also listed as a board member for LVS Software AB, Lavasoft's registered company name.

Sites operated by Dadoun and Assouline's companies have recently been listed as "high risk" by URL-scanning services including McAfee's SiteAdvisor. Netspyprotector.com is listed on the reputation analysis site MalwareURL as a site offering access to rogue software. Although the Netprotector domain is now privately registered, its contact page still shows it as belonging to MP3 Networks Ltd at its Caribbean address.

Both of these domains are hosted at 63.243.188.110. Other domains hosted at this IP include error-doctors.com, which McAfee calls a high-risk, malicious site, due to marketing/merchandising practices. This is registered at 48/4 Amery Street, Sliema SLM 1701, which is the same address now listed as a contact address for Lavasoft in Malta, following the Solaria acquisition.

Others registered to Market Engines at Maltese addresses – hosted at the same IP address – and receiving suspicious site ratings, include myxptools.com (WOT rating, McAfee rating), thenuker.com (WOT, McAfee), and easy-antivirus.com (WOT, McAfee).

The technical contact for all these sites is listed as another Dadoun – Stephane – with an Upclick.com email address. Stephane Dadoun is listed on Linkedin as IT director at Upclick.

The 63.243.188.110 address is in a block owned by a hosting firm called Rack Engines. Rackengines.com is also registered to Market Engines at the Maltese address. Its ARIN records show David Dadoun as a contact.

The smart choice: opportunity from uncertainty

Next page: Follow the money...

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.