HideMyAss Anonymous VPN Shops Lulzsec Suspects

HideMyAss.com, the anonymous VPN service, has admitted that it handed over the details of one of the alleged Lulzsec hackers who attacked systems belonging to Sony Picture Entertainment.

The HideMyAss service is based in the UK and provides a free proxy that tell users they can “surf anonymously online, hide your IP address, secure your internet connection, hide your internet history, and protect your online identity.”

Last week the alleged Lulzsec hacker known as ‘Recursion’, aka Cody Andrew Kretsinger, 23, of Phoenix, Arizona, was arrested by the FBI.

Court Order

HideMyAss explained that it had complied with a court order to disclose Kretsinger’s IP address that he had used to log into the HideMyAss service.

Kretsinger had allegedly used HideMyAss.com’s web proxy service to disguise his IP (internet protocol) address whilst he was supposedly hacking into Sony Picture Entertainment servers.

That hack was part of the attack earlier this year on Sony that exposed the the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony.

And HideMyAss defended its role in handing over the IT address to the FBI in a blog posting.

“We have received concerns by users that our VPN service was utilised by a member or members of the hacktivist group ‘lulzsec’,” it wrote. “It first came to our attention when leaked IRC chat logs were released, in these logs participants discussed about various VPN services they use, and it became apparent that some (Lulzsec) members were using our service.”

“No action was taken, after all there was no evidence to suggest wrongdoing and nothing to identify which accounts with us they were using,” HideMyAss said. “At a later date it came as no surprise to have received a court order asking for information relating to an account associated with some or all of the above cases.”

Illegal Activity

HideMyAss went on to explain that as stated in its terms of service and privacy policy, its service is not to be used for illegal activity, and as a legitimate company it would co-operate with law enforcement if it receive a court order (equivalent of a subpoena in the US).

“Our VPN service and VPN services in general are not designed to be used to commit illegal activity,” it said. “It is very naive to think that by paying a subscription fee to a VPN service you are free to break the law without any consequences.”

It said its service was designed to be used by people wishing to bypass censorship, such as the recent Egyptian revolution “for which our service played a key role for protesters gaining access to websites such as Twitter which were blocked by the government.”

However it seems that Kretsinger may not be the only Lulzsec hacker that used HideMyAss.

Hacker Anger

According to the Guardian newspaper, HideMyAss may also be close to revealing the IP details of another alleged hacker with the online tag of ‘Neuron’, who may also be facing imminent arrest.

The newspaper cited the Pastebin logs, which show that “Neuron” and “Recursion” are not the same person, as the two were in the same chatroom at the same time, and on one occasion addressed each other directly. Recursion then apparently quit the group after it attacked an FBI-related site early in June, but Neuron remained.

Predictably the decision by HideMyAss to reveal Recursion’s IP address has not gone down well in the hacker community.

“Question @HideMyAssCom: Was it worth to rat out one guy who allegedly hacked #PSN in exchange for all your business? You will find out soon,” AnonymousIRC tweeted.

Meanwhile one of HideMyAss’s rivals lost little time in touting for business.

AirVPN said in a statement that it does not keep logs in the way that HideMyAss does: “we would like to reassure our users and our customers that nothing like that [handover of logs] may happen with AirVPN, for a series of legislative.”

It also said that it was based in the EU, not in the USA, and that it does not recognise American jurisdiction.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

View Comments

  • "Was it worth to rat out one guy who allegedly hacked #PSN in exchange for all your business? You will find out soon,”
    What cowards. What are they going to do besides put on their V masks and DDOS a website while eating cheeto's? Nothing worth a damn.

  • @Nevermore-

    You're an idiot if you think people will not flee HideMyAss in droves now that they know the company is lawful evil. They blantantly lied about their data retention policies, saying they do not log when they clearly do and now they showed their willingness to turn in their customers when a government comes knocking. And contrary to their statement, providing access around a regime's censorship apparatus is facilitating illegal activity within that country. So why can the American Feds come knocking for info but Syria, China, etc. cannot? If you were a dissident in a censorship-laden country, would you trust your life with HideMyAss knowing that they blatantly lie about the data they keep on their customers and will turn you in at the drop of a hat? Who gives HideMyAss the authority to ignore one country's laws just because they consider censorship immoral and unjust? And when the American-backed copywrong regime comes knocking, the data they claim not to retain on their users will be turned over at will even though they claim to want to help people route around regime censorship. If you really think a company that called themselves "HideMyAss" can survive this, without changing their name to WeWillTurnYourAssIn.com, then you are truly naive. I give HideMyAss 2 months before they either cease to exist altogether, or they reinvent themselves under a different name as to get rid of the negative connotation that every one of their customers now associates HideMyAss with.

  • Interesting post. Hidemyass will be all over the forums, and people wont use this service anymore. This is the worst they could do.

  • i used HMA While i was overseas.As a refrence, I have very little programing experience but had no problem installing and using Hidemyass i'd highly recomend it especially if you can get the holidays special rate

  • Hidemyass is the best one vpn provider it is best among the all providers and its best thing its interface is very easy i never had problem using it,. I highly recomended Hidemyass vpn

  • There are a score of vpn provider that claims they provide the best vpn service. The question now is, how can we be sure that these vpn services aren't used in underground activities? The very thing we thought would protect us is also the thing that would be used to harm us.

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

16 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

17 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

17 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

18 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

18 hours ago