Leo Kuvayev

2K Services, eCash, and Top100

Kuvayev originally started a company in Montreal, Quebec called 2k Services with his partner Vladislav Khokholkov (Vlad). 2K's business involved several ventures, a credit card processing company that specialized in membership systems (MemberPro) and online casinos (ecash services). These ventures were essentially a wrapper for his credit card processing system, paid search (2k Search), a Top List system (Top100), and a referral program (Cash For Clicks). When Vlad was deported back to Russia, the company moved some of its programming services there, to a site not far from Moscow.

His casino business made the bulk of its money by selling low priced software licenses to casino operators and then charging a minimum processing fee for each casino from the owner. The software was notoriously buggy and made several casino blacklists even before Kuvayev had the programmers in Russia implement "Odds Management" to raise the odds of winning on free games and lower the odds on the paid games.

The Top100 system was a way to create pages of rankings and made the bulk of its money from banner advertisements. In 2001, Vladislav worked out a way to recover from the loss of revenue caused by dropping market rates for banner ads by exploiting a bug in Internet Explorer that allowed a maliciously coded website to overwrite arbitrary files on the victim's hard drive. Vlad's programmers implemented code in top100 to overwrite C:windowssystem32driversetc.hosts with a version that redirected auto.search.msn.com to 2ksearch.com; this had the effect of redirecting all mistyped web addresses to 2ksearch. This business model was abandoned when the resulting complaints forced the paid search providers to terminate 2ksearch's contract.

Spamming

Kuvayev got his start in the larger spam world when he partnered with Alan Ralsky to create several porn sites specializing in Asians, gay sex and bestiality. In mid 2003 anti-spam activists succeeded in forcing Groupe Telecom to change its spam policy from their previous, spam-friendly position to one of zero tolerance. Groupe Telecom took advantage of the fact that 2k Services was moving offices as an excuse to terminate the contract for his fibre optic link; since they had no spam clause in their contract, they had had no grounds previously to terminate their connection, but the relocation provided the excuse they needed. This left 2K services scrambling to find new hosting. Every other ISP in the area, however, refused to allow Leo to conduct business on their networks, and as a result, he was forced to move all of his hosting to more spam-friendly locations outside the country.

Eventually the lack of hosting opportunities and high employee turnover forced 2k Services to shut down all Montreal operations and move everything to Russia.

Current whereabouts

Kuvayev is also believed by some to be operating under the alias "Alex Rodrigez". Under this alias, he has registered hundreds of domains through various registrars to illegally sell software, prescription drugs, and more.

Kuvayev has registered domains with registrars operating in China, New Zealand, and France. Most of his actual web pages have been hosted in China. It is suspected by some information security professionals that Kuvayev may be involved in the operation and control of the Storm botnet.

As of 1 June 2011, Kuvayev has confessed to sex crimes, sexually molesting girls as young as 13 years of age using the basement of his office in Moscow as a "dungeon". Kuvayev allegedly targeted vulnerable youngsters from children's homes, some of whom had mental or learning disabilities. Reports indicate that Kuvayev could face up to 20 years in prison for each offence.

On 23 March 2012, a court in Moscow found Kuvayev guilty of sexual molestation charges.