For years, ExpressVPN has been one of the most popular and widely used privacy products on the market. It’s often highest ranked on the 10 best VPN lists; a recent Tom’s Guide review Called it the “best VPN by far” available. In the past, if you wanted to stay anonymous on the web, Express would probably have been the way to go.
However, all of this has been called into question following the revelation than Daniel Gericke, chief information officer of ExpressVPN previously worked as a hacker at DarkMatter, a UAE-based cybersecurity company. Between 2016 and 2019, Gericke helped hack systems and devices around the world as part of “Raven Project, A covert operation designed to help the UAE monarchy track and monitor critics of its regime, including activists, journalists and some US-based people.
Gericke and two other former U.S. intelligence officers recently faces federal charges for their involvement in “Raven”, but managed to make deferred prosecution agreements with the government, allowing them to pay fines to avoid jail, while agreeing to certain conditions.
However, in their remarks, the company was ultimately blocked by Gericke. The company explained it this way:
Some may ask: How could we willingly invite someone with Daniel’s past to join us? For us, the answer is clear: we protect our customers.
To do this job effectively, to do it, as we believe, better than anyone in our industry, we have to harness the full firepower of our adversaries. The best goalkeepers are those trained by the best forwards. Someone seasoned and seasoned on offense, like Daniel, can offer a glimpse into defense that is difficult, if not impossible, to find elsewhere. This is why there is a well-established precedent for cybersecurity companies hiring talent from the military or intelligence.
Whether you accept this argument or not, one could argue that once this seasoned veteran finds himself in federal court, things may need to be reassessed a bit. Reuters reports that he is still employed by the company.
In the end, these soothing words don’t seem to have appeased everyone. Not only are the company’s customers pissed off, but so are its employees. In a recent virtual meeting, ExpressVPN employees apparently voiced their grievances over the recent turn of events, without stopping to mince words.
“This episode eroded consumer confidence in our brand, regardless of the facts. How do we intend to rebuild our reputation? said one.
“Finding such news from the people we work closely with on a daily basis through an online article was absolutely distasteful. Why have we not been warned? Are not transparency and respect our core values? ” another person would have asked.
Other recent events have caused some to question the direction of ExpressVPN. The company was bought recently by Kape Technologies, an Israeli tech company with a controversial past. Formerly known as CrossRider, the company was renamed in 2018 after receiving a little too much publicity for, as CNET recently said, being the “notorious creator of malicious adware containing data”. Since then he has been on an apparent rebranding effort accompanied by a privacy product. shopping spree. In recent years, the company has bought CyberGhost, Zenmate, and Private Internet Access VPNs, and bought ExpressVPN for $ 936 million earlier this month.
Kape’s management also raised eyebrows. The CEO and co-founder of the company, Koby Menachemi, is a former Israeli intelligence officer who served in Unit 8200, the infamous cyber (read: hacking) wing of the Israel Defense Forces. A majority stake in the company is owned by Teddy Sagi, an Israeli billionaire who in the 1990s pleaded guilty to charges related to bribes and market manipulation and subsequently spent a short time behind bars. Companies connected to Sagi were also unearthed in the Panama Papers, the leak of several terabytes which showed the complex network of front companies and tax havens used by the leaders and the companies of the world.
At the very least, ExpressVPN owes its users a more comprehensive transparency report on why it hired Gericke. However, given all that has come out, it is probably not out of the question that some clients will get up and leave the company’s services altogether.
When considering the importance of ExpressVPN, the episode also raises questions about the overall security of the VPN industry: how common is it for those on the farthest and most remote edges. shines in the surveillance industry to turn around and work for companies dedicated to the protection of privacy? While you would like to hope the answer is “not very common,” the largely unregulated and siled nature of the privacy industry makes it impossible to say. We’ve reached out to ExpressVPN for comment and will update this story if they get back to us.