A VPN provider sniffs traffic to track down a hacker

Proxy.sh a Virtual Private Network (VPN) provider has admitted in its announcements that it has spied traffic over its US-based server to track down a hacker.

That answer the questions being asked by many, “can you trust your VPN provider?”

Sniffing over its network was accordingly not directed by law enforcement but by its own following a complain by a family of their daughters being harassed online.

“We are unfortunate to announce that there have been abuse complaints about hacking activities on our U.S. Illinois 1 node. We have been saddened to learn that these actions were harmful to individuals (human beings),” part of its announcement stated.

“As a result, we will open this node again and monitor it with Wireshark for a period of 7 days. If you are the hacker, please stop your activities and leave our network. You are not welcome here. ”

The monitoring was stopped because the hacker contacted Proxy.sh prompting an apology and an end to the matter.

TorrentFreak has said in its reports, many may think the company was only acting responsible, “ending the abuse and acted properly” that particular incident “is likely to be damaging to the company.

Further announcement by Proxy.sh:

“We are very opened about our activities and we do not support or promote activities that may be harmful to human beings. We have been contacted by a family about someone using our network and harassing their daughters. As per stated in our ethics policy, we condemn activities that are harmful to human beings.

We have decided to install a monitor on our Illinois 1 node so as to locate the hacker. Few hours after we announced this move to our public, the hacker came to us to apologise. We then completely removed the Wireshark installation.

This situation shows that we are actually really not logging anything and that we will always tell our members when we have to log one of our nodes or our entire network, either for maintenance and small internal affairs such as this.

The situation also shows that the only solution we have to help law enforcement agencies find problematic use across our network, is to clearly install a logging capacity on it. As a result, we are able to either comply or shut down the servers we have in a particular location (it happened to us in Czech Republic few months ago).

We will only intervene into our traffic when we believe there have been activities infringing our ethical terms – that is when activities harmful to human beings (not corporations or entities) are taking place on our network. In such case, we do not privilege law enforcement agencies but rather communication, transparency and assistance from NGOs.”

Source : TorrentFreak | Softpedia