FBI Arrests A Cyberstalker After Shady "No-Logs" VPN Provider Shared User Logs
9.10.2017 thehackernews Cyber
FBI recently arrested a psycho cyber stalker with the help of a popular VPN service and this case apparently exposed the company's lies about the "no logs" policy.
Taking down cyber stalkers and criminals is definitely a good thing, and the FBI has truly done a great job, but the VPN company whose first line of the privacy policy is—"We Do Not monitor user activity nor do we keep any logs"—has literally betrayed its customer's trust.
Is your VPN also lying to you? Well, it's the right time to think about this twice.
It's no secret that most VPN services—which claim to shield your Internet traffic from prying eyes, assuring you to surf the web anonymously—are not as secure as they claim.
In this post-Snowden era, a majority of VPN providers promise that their service is anonymous, with no log policy, but honestly, there is no way you can verify this.
PureVPN Helped the FBI with Logs
A 24-year-old Massachusetts man, Ryan Lin, has been arrested in a Cyberstalking case after one of the largest VPN providers, PureVPN, helped the FBI with information that linked Lin to his alleged cyber crimes.
In an FBI affidavit published last week by the US Department of Justice (DoJ), Lin is accused of stalking and harassing his housemates and former-roommates online while evading local police by using various services like Tor, VPNs and Textfree.
Lin tormented his former-roommate, Jennifer Smith, for one and a half year after stealing credentials for some of her online profiles from her unlocked MacBook, and other personal files, including photographs, from her iCloud and Google Drive accounts.
According to the affidavit, Lin released Smith's personal details online (known as 'doxing'), posted intimate photographs without her face suggesting they were of Smith, and emailed her private information to her contacts, including her family, relatives and colleagues.
Additionally, Lin allegedly posted fake profiles of her to websites "dedicated to prostitution, sexual fetishes, and other sexual encounters," shared information about her medical background that she never shared with anyone, and sent "images that likely constitute child pornography" to her family and friends.
Suspect Also Made Bomb, Death and Rape Threats
What's more? Lin often spoofed Smith's identity to send bomb, death and rape threats to schools and lone individuals, which even tricked one of her friends into calling the police to her house.
To conduct all these illegal actions and hide his tracks, Lin used various privacy services like ProtonMail, VPN clients, and Tor, anonymised international text messaging services and offshore private e-mail providers.
However, the suspect made a mistake by using a work computer for some of his illegal campaigns. The feds were able to recover some forensic artefacts from his work computer, even though he had been terminated and the OS had been reinstalled on the computer.
In the unallocated space of the system's hard drive, the FBI found artefacts referencing:
Bomb threats against local schools.
Username for TextNow, the anonymous texting service being Lin's most-visited Website.
Lin's name on Protonmail.
Lin had visited Rover.com (pet sitting site) and FetLife.com which were used in the cyberstalking campaigns.
Lin repeatedly accessed his personal Gmail account.
He used PureVPN in the cyberstalking campaign.
How FBI Investigated the Cyberstalking Case
PureVPN Helped the FBI with LogsThe FBI then managed to obtain logs from PureVPN, which linked himself to the illegal campaigns against Smith and his other former roommates.
"Further, records from PureVPN show that the same email accounts—Lin's Gmail account and the teleportfx Gmail account—were accessed from the same WANSecurity IP address," the complaint reads.
And then the complaint goes on to say what would be quite worrying for those who believe VPNs are their best way to protect their activities online:
"Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time."
Being one of the largest and well-known VPN providers, Hong Kong-based PureVPN is used by hundreds of thousands of users across the world, which eventually handed over details which a VPN is supposed to protect against.
Lin was arrested by the authorities on October 5, and if found guilty, he faces up to 5 years in prison and up to 3 years of "supervised release," according to the DoJ.