ExpressVPN exec among three facing $1.6 million fine for helping UAE spy

The former US intelligence operatives and military members have agreed to pay the Justice Department fine.

Rae Hodge Former senior editor
Rae Hodge was a senior editor at CNET. She led CNET's coverage of privacy and cybersecurity tools from July 2019 to January 2023. As a data-driven investigative journalist on the software and services team, she reviewed VPNs, password managers, antivirus software, anti-surveillance methods and ethics in tech. Prior to joining CNET in 2019, Rae spent nearly a decade covering politics and protests for the AP, NPR, the BBC and other local and international outlets.
Rae Hodge
3 min read
Sign at the US Department of Justice headquarters in Washington, DC
Samuel Corum/Getty Images

The chief information officer of a leading virtual private network is among three former US intelligence and military personnel who altogether have been fined more than $1.6 million by the US Department of Justice to resolve hacking-related charges. ExpressVPN CIO Daniel Gericke, as first reported Tuesday by Reuters, is among the three former US intelligence operatives and military members involved in Project Raven who worked as mercenary hackers for the United Arab Emirates, helping it spy on its enemies. ExpressVPN said its trust in Gericke "remains strong." 

The three defendants have agreed to cooperate with US authorities and pay the fine in exchange for deferred prosecution, according to a Justice Department release. The three have also forfeited foreign and US security clearances and face future employment restrictions. The agreement comes a day after ExpressVPN announced it had been sold as part of a $936 million deal to former adware distributors Kape Technologies, a company co-founded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading

Read moreWhat is Kape Technologies? What you need to know about the parent company of CyberGhost VPN 

Despite future employment restrictions, ExpressVPN noted in an email to CNET that Gericke was not among the members of the US intelligence community referenced in the Justice Department's filing but a former member of the US military, and that ExpressVPN still backs Gericke's position within the company. 

"We've known the key facts relating to Daniel's employment history since before we hired him, as he disclosed them proactively and transparently with us from the start. In fact, it was his history and expertise that made him an invaluable hire for our mission to protect users' privacy and security," ExpressVPN said, adding that the company has already benefitted from Gericke's history in the US government.

"We were confident at the time and continue to be confident now in Daniel's desire and ability to contribute to our mission of enabling users to better protect their privacy and security. He has demonstrated nothing but professionalism and commitment to advancing our ability to keep user data safe and private. Our trust in Daniel remains strong."

By Tuesday evening, Gericke's social media accounts on Twitter and LinkedIn appeared to have been removed from public view. 

Project Raven, first exposed in 2019, involved the development and deployment of hacking and surveillance tools for the UAE that were allegedly used to target US victims and prominent activists who spoke out against the UAE's human rights record. Other Project Raven targets allegedly included the Emir of Qatar, a Nobel Peace laureate human-rights activist in Yemen. 

In a Justice Department release, Acting Assistant Attorney General Mark J. Lesko called the agreement a "first-of-its-kind resolution" for an investigation into two distinct strains of crime. 

"Providing unlicensed export-controlled defense services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States," he said. "Hackers-for-hire and those who otherwise support such activities in violation of U.S. law should fully expect to be prosecuted for their criminal conduct."

Correction, 11:24 p.m. PT: A previous version of this story inaccurately characterized Gericke's previous role within the US government. Gericke is a former member of the US military.