Why Edward Snowden is urging users to stop using ExpressVPN?

The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it.

Last week the Israeli cybersecurity firm Kape Technologies has acquired the industry’s leading virtual private networks ExpressVPN, as part of a $936 million deal. Kape announced that the acquisition will more than double its overall customer base, from almost 3 million customers to more than 6 million.

Edward Snowden expressed concerns about the VPN service offered by ExpressVPN and has warned users to stop using it.

Why Snowden is worried about ExpressVPN?

Last week, three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment.

The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019.

The US Department of Justice requires the payment of $1,685,000 in penalties ( $750,000, $600,000, and $335,000, respectively) to resolve its investigation regarding violations of U.S. export control, computer fraud and access device fraud laws. The three suspects worked at the UAE company and developed at least two iOS zero-click exploits dubbed Karma and Karma 2.

DOJ also ordered the former intelligence employees to cooperate with the relevant department and FBI components; they are also condemned to a lifetime ban on future US security clearances.

Snowden was likely worried by the fact one of the three former NSA employees, Daniel Gericke, was ExpressVPN’s CIO.

In 2019, the Reuter agencies published a report that detailed the activity of “a secret hacking team of American mercenaries” that joined Project Raven as part of a clandestine team of experts that helped the United Arab Emirates in conducting a surveillance program and conducting hit-and-run hacking operations.

ExpressVPN published an official response that confirmed the accusation of the DoJ but that pointed out that the experts took part to the Project Raven before he joined to the company in 2019.

“We find it deeply regrettable that the news of the past few days regarding Daniel Gericke has created concerns among our users and given some cause to question our commitment to our core values. To be completely clear, as much as we value Daniel’s expertise and how it has helped us to protect customers, we do not condone Project Raven. The surveillance it represents is completely antithetical to our mission.” reads the response. “When we hired Daniel in December 2019, we knew his background: 20 years in cybersecurity, first with the U.S. military and various government contractors, then with a U.S. company providing counter-terrorism intelligence services to the U.S. and its ally, the U.A.E., and finally with a U.A.E. company doing the same work. We did not know the details of any classified activities, nor of any investigation prior to its resolution this month. But we did know what we had built here at ExpressVPN: a company where every system and process is hardened and designed to minimize risks of all kinds, both external and internal. “

ExpressVPN added that it has implemented multiple security measures to implement a secure service that protectsthe privacy of its users.

“While we are confident that our commitment to this mission is unwavering, we understand that actions speak louder than words. To begin with, we’ll be increasing the cadence of our existing third-party audits to annually recertify our full compliance with our Privacy Policy, including our policy of not storing any activity or connection logs. This is just a first step, and we will continue to strive to earn your trust,” ExpressVPN blog post on the issue read. 

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Snowden)

[adrotate banner=”5″]

[adrotate banner=”13″]