ExpressVPN CIO among three facing $1.6 million DOJ fine over Project Raven

Sign at the US Department of Justice headquarters in Washington, DC

Samuel Corum/Getty Images

The chief info officer of a number one digital non-public community is reportedly among three former US intelligence and navy personnel fined greater than $1.6 million by the US Department of Justice to resolve hacking-related costs. ExpressVPN CIO Daniel Gericke, as first reported Tuesday by Reuters, is among the three former US intelligence operatives and navy members concerned in Project Raven who labored as mercenary hackers for the United Arab Emirates, serving to it spy on its enemies. ExpressVPN stated its belief in Gericke “remains strong.” 

The three defendants have agreed to cooperate with US authorities and pay the fine in alternate for deferred prosecution, in response to a Justice Department release. The three have additionally forfeited overseas and US safety clearances and face future employment restrictions. The settlement comes a day after ExpressVPN introduced it had been bought as a part of a $936 million deal to former adware distributors Kape Technologies, an organization cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading

Read extraWhat is Kape Technologies? What it’s essential know in regards to the father or mother firm of CyberGhost VPN 

Despite future employment restrictions, ExpressVPN famous in an e-mail to CNET that Garecki was not among the members of the US intelligence group referenced within the Justice Department’s submitting however a former member of the US navy, and that ExpressVPN nonetheless backs Gericke’s place throughout the firm. 

“We’ve known the key facts relating to Daniel’s employment history since before we hired him, as he disclosed them proactively and transparently with us from the start. In fact, it was his history and expertise that made him an invaluable hire for our mission to protect users’ privacy and security,” ExpressVPN stated, including that the corporate has already benefitted from Gericke’s historical past within the US authorities.

“We were confident at the time and continue to be confident now in Daniel’s desire and ability to contribute to our mission of enabling users to better protect their privacy and security. He has demonstrated nothing but professionalism and commitment to advancing our ability to keep user data safe and private. Our trust in Daniel remains strong.”

By Tuesday night, Gericke’s social media accounts on Twitter and LinkedIn appeared to have been faraway from public view. 

Project Raven, first exposed in 2019, concerned the event and deployment of hacking and surveillance tools for the UAE that have been allegedly used to focus on US victims and prominent activists who spoke out towards the UAE’s human rights report. Other Project Raven targets allegedly included the Emir of Qatar, a Nobel Peace laureate human-rights activist in Yemen. 

In a Justice Department launch, Acting Assistant Attorney General Mark J. Lesko referred to as the settlement a “first-of-its-kind resolution” for an investigation into two distinct strains of crime. 

“Providing unlicensed export-controlled defense services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States,” he stated. “Hackers-for-hire and those who otherwise support such activities in violation of U.S. law should fully expect to be prosecuted for their criminal conduct.”

Correction, 11:24 p.m. PST: A earlier model of this story inaccurately characterised Gericke’s earlier position throughout the US authorities. Gericke is a former member of the US navy.