PureVPN Aided FBI to Track CyberStalker by Providing His Logs

On Friday a New Town, Massachusetts based man called Ryan Lin was arrested for cyberstalking after his VPN logs were provided by PureVPN. Lin was accused of cyberstalking his ex-roommate 24-year old Jennifer Smith. Initially, the case was handled by Waltham Police department, but it was then transferred to the FBI [PDF].

According to the department’s press release, Ryan Lin was “engaged in an extensive, multi-faceted campaign of computer hacking and cyberstalking that began in April 2016 and continued until the date of his arrest, against a 24-year-old female victim, her family, friends, and institutions associated with her.”

More: Hotspot Shield VPN accused of redirecting user traffic to advertisers

PureVPN, a virtual private network provider service, helped in extracting information about the online activities of the accused, which he was trying to hide using VPN. Initially, PureVPN claimed that the logs don’t even exist and so does its privacy policy page, which reads:

“We Do Not monitor user activity nor do we keep any logs. We, therefore, have no record of your activities.”

Surprisingly, after some time the same data was provided to law enforcement for gathering evidence, tracking and eventual arrest of the 24-year old Lin. This means, these logs do exist and can prove to be helpful in capturing criminals.

In Lin’s case, the online activities of the accused were tracked from April 2017 and records obtained from PureVPN showed two same accounts; one of them was Lin’s email account while the other was Teleportfxgmail account. Both were accessed using the same WANSecurity IP address.

Reportedly, PureVPN determined that a single customer accessed two originating IP addresses. These include the RCN IP address, which turned out to be the residence of Lin, and another address was tracked at the software firm where Lin worked at the time. His cyberstalking campaign lasted for 16 months.

The FBI states that Lin utilized a number of privacy services including Tor to hide his IP address, he used anonymized international texting service TextNow, VPNs and offshore private email service providers to carry out his malicious objectives. However, his mistake was that he used a work computer for some of his schemes and although he was terminated by then and the operating system was reinstalled, investigators were able to follow the footprints that he left behind to link the evidence with Lin. If convicted, Lin will be spending five years behind bars and nearly three years of supervised release.

One cannot deny the fact that Lin’s arrest by the FBI is justified given that the accusations are true since Smith claims that Lin cyberstalked her and her friends and family. Not only this, the accused leaked Smith’s online accounts passwords, posted fake sexually explicit pictures of her online, published personal journal records providing details of sexual encounters and created a fake profile on a BDSM site in her name and facilitated sexual encounters on sites that were “dedicated to prostitution, sexual fetishes, and other sexual encounters”.

According to Smith, Lin wanted to enact a rape fantasy with her, and he also tricked her friend into calling the police to her home, sent “images that likely constitute child pornography” to her family and friends and making rape, death and bomb threats.

“Lin allegedly created and posted fraudulent online profiles in the victim’s name (with her photographs and home address) and solicited rape fantasies, including ‘gang bang’ and other sexual activities, which in turn caused men to show up at her home. Also, it is alleged that Lin falsely and repeatedly reported to law enforcement that there were bombs at the victim’s Waltham residence.”

Despite that despicable behavior and the fact that people like Lin deserve to be behind bars, we still believe that PureVPN is required to keep private details secure because a majority of VPN users are unlike Lin and all of us are privacy conscious. Most users don’t prefer VPNs to remain unidentifiable while conducting malicious tasks but we want to ensure personal data security. Many users switch to VPN services as they either want to access sites like Netflix, iTunes or YouTube, access blocked websites or communicate with family or folks abroad apart from using it to retain anonymity.

None of these uses are harmful for other users. Moreover, just one in four users depend upon VPN to browse the net, so it is quite impractical to believe that about 800 million users across the world are using VPNs to fulfill nefarious objectives. Privacy-conscious people would most certainly feel betrayed when companies like PureVPN deceive them by claiming one thing and doing something entirely different.

More: How Apple and Facebook Helped US to Arrest Kickass Torrents’ Owner

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.