We reported last week on Lulzsec hacker Cody Kretsinger, aka ‘Recursion’ who could be spending up to 15 years in jail. An interesting twist in the case came to light, in that UK company HideMyAss passed over his IP address to the Feds.
“We have received concerns by users that our VPN service was utilized by a member or members of the hacktivist group ‘lulzsec’. Lulzsec have been ALLEGEDLY been responsible for a number of high profile cases.
- The hacking of the Sony Playstation network which compromised the names, passwords, e-mail addresses, home addresses and dates of birth of thousands of people.
- The DDOS attack which knocked the British governments SOCA (Serious Organised Crime Agency) and other government websites offline.
- The release of various sensitive and confidential information from companies such as AT&T, Viacom, Disney, EMI, NBC Universal, and AOL.
- Gaining access to NATO servers and releasing documents regarding the communication and information services (CIS) in Kosovo.
- The defacement of British newspaper websites The Sun & The Times.
- The hacking of 77 law enforcement sheriff websites.”
They then received a court order and subsequently passed over the information to law enforcement agencies.
Our VPN service and VPN services in general are not designed to be used to commit illegal activity. It is very naive to think that by paying a subscription fee to a VPN service you are free to break the law without any consequences. This includes certain hardcore privacy services which claim you will never be identified, these types of services that do not cooperate are more likely to have their entire VPN network monitored and tapped by law enforcement, thus affecting all legitimate customers.”
It would appear that law enforcement agencies used the information from HideMyAss to locate Kretsinger.
Kitguru says: The moral of the story is, if you are using companies to hide your IP to commit illegal activities then be sure to read the small print.