Corporate Citizenship

April 10, 2007

In 2004, IP addresses associated with WinFixer served a number of fraudware domains, the most notorious of which was WinAntivirus.com. Like WinFixer, WinAntivirus hijacked browsers and popped up dire warnings of nonexistent computer problems, defrauding consumers into charging their credit cards for the WinAntivirus “cure.”

Unlike WinFixer, back then WinAntivirus bore a remarkable resemblance to Norton—one of Symantec’s crown jewels—right down to the yellow packaging. WinAntivirus also took traffic from typo-squatting sites such as “symantic.com” and “symantes.com.” With shady marketing like this, some unwelcome attention from the world’s largest computer protection company was perhaps inevitable.

On April 29, 2004, Symantec sued James Reno and his company ByteHosting, among others. Why these particular defendants? I’ve asked Symantec attorneys that question a number of times and have yet to get an answer.

Symantec deposed Reno on July 29, 2004. (A deposition is a process of questions and answers given under oath, just like in court.) Beginning in January, 2006, I repeatedly requested Symantec’s cooperation in this case, and last month Symantec’s attorneys finally responded with a copy of Reno’s depo transcript. Here’s his testimony about WinAntivirus:

Q: What is Innovative Marketing?
A: As far as I’m aware, it seems to be a company in the Ukraine that is producing the Vantage line of products, such as Win Antivirus, but that’s just by searching around.
Q: Have you ever had any connection with Innovative Marketing?
A: Directly, no.
Q: How about indirectly?
A: Yes, through a company called Billingnow.
Q: What is Billingnow?
A It’s a company I’m actually doing customer support for. They do Internet billing.
Q: What is the relationship between Innovative Marketing and Billingnow?
A: Innovative uses them for billing.

* * *

Q: When you say that you’re providing customer support, what exactly do you do – does your company do for Billingnow?
A: We’ve got a call center, answer the phones, handle billing issues for different customers that call in, look up their order, handle things like informing customers of policies and – like refund policies or technical support, help with forwarding them on to different – the different companies that Billingnow has contracts with.
If someone calls in about a non-billing question, well, we would forward them on to the proper companies.

* * *

Q: Now, winantivirus.com, has your company ever hosted that site?
A: No, we have not.
Q: Do you have any connection with it?
A: Again, we host just the e-mail. I’ve never hosted the Web site.
Q: Do you have an account address for winantivirus.com?
A: It’s in the Ukraine, I don’t have a specific address. It goes through Billingnow.

These few lines constitute all of Reno’s testimony that day regarding WinAntivirus. (The dearth of follow-up questions here is frustrating to say the least.) Nevertheless, it’s enough to prove that—more than three years ago—Reno and ByteHosting were significantly involved in WinAntivirus. Moreover Symantec knew it.

What did Symantec do with this knowledge? My next post will explore the Symantec vs. Reno settlement.

Advertisements