If you’re watching YouTube videos, you’ll often see your favorite YouTubers advertising various VPNs. Some YouTubers, like LinusTechTips, advertise multiple VPNs across their multiple videos. But are they really any good? Are your favorite YouTubers shilling those VPNs to their audience because they earn money – which I think is unethical – or do they truly believe that those firms they advertise are actually great VPNs?

VPNs in general have great benefits: In scambaiting, they are important to disguise your IP address and make it look like you’re from a different place while your real IP address cannot be seen. To the websites you visit it looks like the IP address of your VPN provider is surfing. Only the VPN provider can see your real IP address and for your safety, they should be located in a country where it’s hard to obtain logs and best practice would be if they don’t keep logs at all, who was connected when and which traffic. This can be extremely helpful to minimize your digital footprint and to avoid lawsuits by highly litigious US-based scammers such as extended car warranty robocallers because all they can obtain is your VPN IP address and not your real one which can be subpoena’d. Unfortunately, many VPNs promise these things but the reality doesn’t match up with these claims.

Meet Kape Technologies (former name: Crossrider), a dubious British-Israeli company founded among others by a convicted criminal. Starting as Crossrider, their initial product was a browser extension that is classified as an adware and allowed to hijack users’ browsers using malware injection and use that to redirect the users to advertisements and also gather data to sell it later on[1]. They then moved on to “cyber security” and rebranded themselves to Kape Technologies in order to get rid of their tarnished reputation. But the issues don’t stop here: They run ReImage, a scareware that claims to improve your computer’s performance but does little to nothing and just tries to upsell you and pay for the software. Malwarebytes, a reputable antivirus software company, calls this whole category of software “potentially unwanted software” or PUP and goes as far to call it “digital snake oil” due to the dubious promises, advertising practices[2]. Even famous scambaiting YouTuber Jim Browning made a video about this scam:

But Kape Technologies doesn’t stop there. They own multiple VPN brands, such as CyberGhost VPN, Private Internet Access, ZenMate VPN and now, they acquired ExpressVPN [3] [4]. It’s unsure what that exactly means for users and customers of those VPNs in regards to logging the traffic or meta data but it definitely leaves a bad aftertaste. At least there is no hard evidence against them until now.

That is until September 16, when CIA-whistleblower Edward Snowden tweeted about them:

What happened? The United States Department of Justice released and indictment against three former U.S. Intelligence personell, Marc Baier, Ryan Adams, and Daniel Gericke for computer fraud charges and for their involvement in helping the United Arab Emirates government in hacking and spying on individuals[5] [6] [7]. They provided services that allowed the U.A.E. government to infect mobile devices without having the users to click on anything. All three accused admitted to the allegations and paid $1.68 Million to resolve the criminal charges. Daniel Gericke works as Chief Information Officer (CIO) at ExpressVPN. This does not sound well for a company that supposedly tries to protect its users from any snooping on their internet traffic and is a major red flag when dealing with ExpressVPN.

Overall, there are simply too many red flags with Kape Technologies and all their subsidiaries. When searching for a VPN, trust plays a major role. We cannot verify all the claims about no-logs-policies. When push comes to shove, many companies might just cooperate with authorities and hand your data over or, like the free VPNs out there, their entire business model is to sell your internet traffic to advertisers while publicly announcing that they don’t log anything.

Stay away from ExpressVPN, Private Internet Access, CyberGhost VPN!

(Disclaimer: I am an affiliate of NordVPN but this article and my opinion on the above listed companies does not change by that. Even without the affiliation, I would not recommend those VPNs)

External Sources:

[1] https://www.cnet.com/tech/services-and-software/what-is-kape-technologies-what-you-need-to-know-about-the-parent-company-of-cyberghost-vpn/
[2] https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/
[3] https://www.kape.com/our-brands/
[4] https://www.zdnet.com/article/expressvpn-sells-to-kape-technologies-for-936-million/
[5] https://www.justice.gov/opa/pr/three-former-us-intelligence-community-and-military-personnel-agree-pay-more-168-million
[6] https://www.justice.gov/opa/press-release/file/1432606/download
[7] https://www.cbs58.com/news/doj-charges-3-former-us-intelligence-operatives-with-helping-build-uae-hacking-program