
NordVPN sued by Torguard for blackmail [pdf] - rasengan
https://torguard.net/downloads/docs/Dkt.%206%20Amended%20Complaint.pdf
======
cyberpunk
Had a quick skim; it seems at a glance like someone from TorGuard badmouthed
NordVPN on a youtube comment ( _sigh_ ), so NordVPN apparently in response
threatened to disclose "trade secret information obtained by NordVPN regarding
TorGuard’s systems" it obtained via a hosting provider TorGuard used which is
owned by the NordVPN people. This apparently involved some pretty sketchy
stuff like sending people to the house of a TG employee to intimidate them.

Whoops.

What kind of 'trade secret information' could a vpn provider be blackmailed
with though? What kind of information could you gleam as the owner of a
'service provider' for such a use? I'm suffering from an apparent lack of
imagination here.

Either way, this looks pretty messy and as a NordVPN user, I'm surprised how
amateurish this all seems.

~~~
cyberpunk
Reading the parent pdf vs Nord's response [0] I'm slightly more inclined to
believe Nords version of events here...

0: [https://nordvpn.com/blog/torguard-
lawsuit/](https://nordvpn.com/blog/torguard-lawsuit/)

~~~
penagwin
I'm not sure, their response could be fabricated too. I'm interested in if
Torguard has any evidence of them physically approaching their employee.

> Within an hour of this in-person and unannounced visit, the same TorGuard
> contractor received unsolicited correspondence from an employee at NordVPN.
> This correspondence stated that NordVPN had received certain of TorGuard’s
> confidential and trade secret information and requested to set up an instant
> message chat to discuss this with TorGuard.

Also, according to both parties they communicated with each other with
evidence. So all either party has to do to claim their innocence is submit the
emails/communications they claimed to have.

\---

The DDOS part I'm very weary about. What evidence does torguard have that
NordVPN was the one carrying out the DDOS attacks? I'll admit I haven't
thoroughly examined the entire document, but they don't really seem to state
how they know NordVPN was behind the attacks, they just list the dates they
were attacked. Given the nature of DDOS attacks, they could be from anyone.

~~~
ganoushoreilly
What if I told you that a lot of these "VPN providers" were shell companies
built to explicitly facilitate access and tools for crime / espionage with the
premise of having _users_ there as cover.

~~~
penagwin
Oh trust me, I'm well aware of "VPN providers". Just checkout luminati.io .
See how they offer an SDK so "You can offer the user a choice between
advertisements or a bit of background data usage"? I asked, and they are only
interested in partners with 100k active users a month. Right, like a
legitimate company with that many users is going to use luminati.

Or oxylabs.io who I think owns luminati?

I'm also aware that many of the VPNs are owned by the same parent companies.

And also that VPNs are ridiculously over marketed. They don't "add security"
for most people, they just move who you're trusting from your ISP to the VPN
company. Right, like I want to trust a company registered in Panama with no
other existence outside of this year not to sell my data.

\---

tl;dr - I don't trust any of them. If I want a "VPN" I just ssh-tunnel into a
VPS from an established company that I purchase with a different account.
Could the VPS provider do fishy stuff? Sure, but I trust them a lot more then
these "VPN" providers.

~~~
preinheimer
More on how luminati and other "residential ip" providers work here:
[https://medium.com/@xianghangmi/resident-evil-
understanding-...](https://medium.com/@xianghangmi/resident-evil-
understanding-residential-ip-proxy-as-a-dark-service-dea9010a0e29)

~~~
farisjarrah
Looks like Luminati is also explicitly getting developers to put a luminati
proxy client into their apps and have users opt into using that instead of
getting fed advertisements.

[https://luminati.io/faq](https://luminati.io/faq)

Between your link, and the luminati faq's, I definitely have more questions
then when I started looking at these articles.

~~~
penagwin
Luminati didn't start off like that. They started by burying what they were
doing in a "free" vpn.

I asked, and they are only interested in partners with 100k active users a
month. They REALLY REALLY wanted to talk to me over skype. Right, like a
legitimate company with that many users is going to use luminati.

The use case of luminati is almost entirely grey/black hat. Their history is
laughably sketchy. Unless anybody knows of any apps that use the SDK and ask
for permission, I suspect that FAQ page is just for show. Again you have to be
a big player to even use it, it's not a stretch to believe they don't
"enforce" the consent rule.

------
Tomspark
Hey guys, Tom Spark here. I'm the video content creator that caused this whole
thing. NordVPN hates my channel since I critique and criticize them a lot.
They want to censor my channel to remove the bad reviews and so forth (ironic
from a VPN company that is suppose to prevent censorship no?). To date,
NordVPN is one of the lowest rated VPNs on my VPN tier list at
[http://vpntierlist.com/](http://vpntierlist.com/).

They are also in the news a lot for various things and I make sure to cover it
whereas other VPN affiliates don't (most VPN affiliates are aligned with 100%
based comission VPNs like Nord).

I summarized the entire story with 3 videos if anyone wants the full story. Or
the latest take on Nord's blog post here (which I believe to be complete bull)
:[https://www.youtube.com/watch?v=icD3Bva7xtY](https://www.youtube.com/watch?v=icD3Bva7xtY)

~~~
knd775
I'm not directly accusing you of anything, but you sort of come across as a
shill or extreme fanboy of TorGuard. How can you give them 5s across the
board?

-Speed: During my testing with PIA and TorGuard, PIA was consistently 50% faster.

-App: The TorGuard app is lacking in features and poorly designed.

-Price: It's substantially more expensive than most providers.

-Reputation: They've had not too great a reputation for a while now

I do not believe that you are an objective party here.

~~~
kristofferR
Yeah, to still give them 5 stars for reputation after this whole lawsuit
fiasco, is absurd. The apps are mediocre at best, rated just 3.1/5:
[https://itunes.apple.com/us/app/torguard-anonymous-vpn-
servi...](https://itunes.apple.com/us/app/torguard-anonymous-vpn-
service/id988743799), so if nothing else his app score is clear evidence of
him being impartial.

According to comments on his review they've also added Google trackers/capchas
to their login page, something you wouldn't see on a reputable provider.

~~~
Tomspark
?

~~~
kristofferR
Yeah, everyone who disputes your dubious paid endorsement of TorGuard as
perfect/"GOD-tier", despite undisputable evidence to the contrary like having
mediocrely rated apps, is obviously shilling for their competitors.

Give me a break...

~~~
PatrolX
FACT: Tom Spark is a TorGuard shill. Affiliate #4374.

~~~
Tomspark
[https://youtu.be/ppbZ3tFQ1ts](https://youtu.be/ppbZ3tFQ1ts)

------
kadoban
NordVPN is by far the shittiest VPN service I have ever used. They billed me
twice, two months in a row, and getting them to fix it was like pulling teeth.
This is not to mention the hard time I had actually using the service, between
random inability to connect and outages.

They have ISP-level arrogance, without the lock-in. I have no idea how they're
still in business.

So I'd be very inclined towards believing this story.

~~~
jimbokun
Can anyone recommend another VPN provider, than Nord or Torguard? Main use
case is for using public WiFi when travelling.

~~~
xoa
> _Main use case is for using public WiFi when travelling_

Your own VPN is the correct answer. If you have a fast enough symmetric link
at home then just run a small machine there (or your router/sec appliance may
support it) or else get a ~$5 VPS from
OVH/DigitalOcean/Scaleway/Amazon/Google/MS or whomever you like and run
WireGuard on it. Or if you want something more turnkey with IKEv2 support (if
you have devices that can't use WG) then check out Algo [1].

But there is likely no need for or reason to use a "VPN provider" if all
you're looking to do is shift your virtual entry point to the internet from
the edge, and lots of good reasons not to. The only real exception would be if
latency is a major concern, you travel very widely and don't want to deal with
any extra hassle setting up a solution to move between regions. In that case
might be worth keeping an eye on CloudFlare's "Warp" solution [2], which will
probably be about as good as it gets in that regard since they've got
infrastructure worldwide and will be able to route well.

But I'd definitely suggest checking out running WG (alone of via Algo)
yourself. It really is straight forward.

\----

1: [https://github.com/trailofbits/algo](https://github.com/trailofbits/algo)

2: [https://blog.cloudflare.com/1111-warp-better-
vpn/](https://blog.cloudflare.com/1111-warp-better-vpn/)

~~~
knd775
One of my main use cases for a VPN is appearing from different countries. I
also anonymize my traffic. If I own the VPS, that traffic can be tracked to my
quite easily. I use a VPN for these things a couple times a week. I can (and
do) use my own VPN just to secure my traffic on untrusted networks, but
there's more to it that just that.

------
wongarsu
> Collective 7 is a Canadian hosting company [...] now owned or controlled by
> NordVPN. [...]

> NordVPN threatened to release TorGuard’s confidential and trade secret
> information that was obtained by NordVPN from Collective 7— who, in turn,
> obtained this information during the time TorGuard utilized Collective 7 as
> a service provider. NordVPN threatened to release this information unless
> TorGuard forced or coerced a third party into silence, as this third party
> was publishing legitimate criticisms of issues associated with NordVPN’s
> business practices.

If true this reflects very poorly on NordVPN. How much criticism did they
manage to suppress successfully until someone sued for blackmail?

~~~
rasengan
NordVPN has been known to suppress a lot of information about themselves -
even the country in which they operate.

Given C7 is involved as well I’m very confident it’s true.

~~~
ganoushoreilly
And they are closely aligned with other vpn providers that all leveraged micfo
(as is stated in this complaint).

~~~
rasengan
C7’s owner is involved with quite a few VPN companies.

------
dangerface
NordVPN response

[https://nordvpn.com/blog/torguard-
lawsuit/](https://nordvpn.com/blog/torguard-lawsuit/)

~~~
el_cujo
"It all started when we received information that led us to finding a TorGuard
server configuration file lying in the open on the internet... We hoped that
after providing this vital assistance towards securing TorGuard’s
infrastructure, they would also cease with their illegal defamation campaign."

So nord is shitty for digging up dirt on torguard because they were mean to
them online and torguard is shitty for having these vulnerabilities in the
first place. Are there any vpn services run by a company that is neither slimy
nor incompetent?

~~~
nickik
Try mullvad.net.

A bunch of hackers in Sweden. You can pay without exposing any information
about yourself and they support wireguard (even help pay for and doing their
own development on it).

I meet some of them personally on hacker conferences as well and they knew
what they were talking about.

~~~
ionised
I would second for Mullvad too.

It's been the only VPN provider that has ticked all my boxes.

------
despera
This whole drama (not of the highest quality) should be a big warning for all
those naive people (trying hard not to call names) who seem to not completely
understand the HUGE trust threats that _all_ VPN services entail. VPN services
are black boxes. You have absolutely no idea what they doing in their black
boxes despite all their claims. A nice post that sums everything up:
[https://schub.io/blog/2019/04/08/very-precarious-
narrative.h...](https://schub.io/blog/2019/04/08/very-precarious-
narrative.html)

~~~
trymas
100% concur to your opinion.

Anecdata, but from couple stories from people who worked/interviewed at VPN
providers - I believe that in couple years we'll start see same horror stories
of private data issues, like we are having with social network and internet ad
businesses today.

EDIT: apparently my anecdata is not anecdotal [0]. When it's race to the
bottom for consumer pricing - your bandwith is resold (or at least there's
capability to do that) for botnet purposes.

[0] [https://restoreprivacy.com/lawsuit-names-nordvpn-
tesonet/](https://restoreprivacy.com/lawsuit-names-nordvpn-tesonet/)

~~~
despera
I'm sure we will, there have already been cases where claims about not keeping
logs turned to be plain lies, sure why some wouldn't share their user's habits
for further "analysis" for extra profit upon subscriptions.

The plain fact is that you don't know what they are doing, it's impossible to
know.

If they ever find a way for an introspective verification/validation of
configurations coupled with the connection itself (or whatever mumbo jumbo),
then we can talk again about middle-men's trust.

------
liamkinne
With these VPN services having become a race to the bottom, it's not all that
unsurprising that stuff like this happens.

~~~
neilv
I think the race to the bottom already has many providers in fistfights at the
finish line.

For example, when I tried Kodi (as a non-piracy living room media box starting
point) a couple years ago, one of the reasons I gave up on it was that it
seemed almost every Web search for technical questions would be filled with
hits for VPN affiliate pitches. I also found forums, such as on reddit, filled
with shilling, drama, and intrigue about VPNs, including some prominent ones.
Then there was the related scandal of Facebook targeting children with a "VPN"
surveillance channel, and there's really no assurance that many VPN providers
aren't doing a similar thing.

I suspect there are some legitimate VPNs, but I decided I actually trust free
Tor more than any random VPN, for some casual degree of protection against
snooping open WiFi and ISP.

------
safeplanet-fesa
I used to be one using and praising ProtonMail, but after the Tesonet scandal
turned me around. The worst evidence for me was their responses, how they were
constantly calling it a "smear campaign by PIA", often not providing any
plausible explanations. Duh, PIA published it and put work into raising public
awareness. They are competitors, they found your dirty laundry and published
it, duuuuh. Whoever discovered it, doesn't matter, they couldn't respond to
the actual facts, only repeating the annoying combination of words "smear
campaign". I don't trust a single VPN provider and would rather trust my exit
point to my ISP which is regulated by local laws, rather then trusting it to
god know whom god knows where. I would be happy to see the issues of Tesonet
and their links to NordVPN and ProtonMail/VPN raised again!

~~~
protonmail
Not sure if you saw it, but Proton published a response here:
[https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...](https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn_and_tesonet/)

The fact that hundreds of Twitter bots were used to spread the allegations is
rather strong evidence that there was indeed a smear campaign. Details about
this here: [https://protonvpn.com/blog/is-protonvpn-
trustworthy/](https://protonvpn.com/blog/is-protonvpn-trustworthy/)

------
hartator
From NordVPN response:

> It all started when we received information that led us to finding a
> TorGuard server configuration file lying in the open on the internet.

It's highly doubtful that's some random person will send some security
vulnerabilities about a company to another unrelated company. It's more
probable that NordVPN had its own team trying to hack or at least test
Torguard defenses. That makes the DDoS allegations more believable.

~~~
kabacha
> It's highly doubtful that's some random person will send some security
> vulnerabilities about a company to another unrelated company.

When I had a small web-crawling/automation business we'd get quite few emails
like that oferring all sorts of datasets and security holes for sale. We never
responded (people already have a hate boner for web-crawlers lol).

Maybe someone with more gray/black hat infosec knowledge could comment on
plausability on this but honestly I wouldn't underestimate black hat sales
skills :)

------
safeplanet-fesa
NordVPN is one of the ugliest in the on its own shady VPN business. They did
their best to slowly make the Tesonet scandal slide away. Here on HN some
users provided extensive insights about their connections with the Lithuanian
data mining company and convincingly demonstrated that NordVPN must be the
most evil VPN honeypot and deceiver.

~~~
trymas
Can you tell more about what is the "Tesonet scandal"?

I've heard such shady stuff about NordVPN that I would never trust them with
their data, also would never trust any other VPN provider.

EDIT: I thing I've found it:

[https://restoreprivacy.com/lawsuit-names-nordvpn-
tesonet/](https://restoreprivacy.com/lawsuit-names-nordvpn-tesonet/)

[https://news.ycombinator.com/item?id=17258203](https://news.ycombinator.com/item?id=17258203)

I was informed before not to use NordVPN for their (anecdotal) shady
practices, but the fact that ProtonMail is in this crap too - I do not know
who to trust anymore when I am buying "privacy" online.

~~~
protonmail
ProtonMail is not involved and the story is really bogus. Proton happens to
have an office in Lithuania (one of 6 globally) and was dragged in as a
result, but otherwise there is no real connection as explained here:
[https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...](https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn_and_tesonet/)

ProtonVPN in particular has been vetted by third parties such as Mozilla, and
is operated very transparently as outlined here:
[https://protonvpn.com/blog/is-protonvpn-
trustworthy/](https://protonvpn.com/blog/is-protonvpn-trustworthy/)

The location of Proton offices for example, has always been publicly
disclosed, the directors of the Swiss parent company Proton Technologies AG,
and the company's CERN roots, etc, are all in public record.

------
bitxbitxbitcoin
Just a friendly reminder to the world that NordVPN is also the one that lies
about being based in Panama :).

~~~
UpperBodyEimi
Where are they based?

~~~
safeplanet-fesa
Likely, in Lithuania, where they are subject to data retention laws, which
means they are obliged to keep data for 6 month. I can suggest to search for
"NordVPN Tesonet", the scandal that happened a year ago or so. The data mining
possibility is horrible on its own, but Reddit and Hacker News users have
discovered much more on the way. Everything is already said and exposed, hard
to believe how much influence in general media they have that they could bury
the whole story.

------
kaivi
Maybe off topic, but if anyone from NordVPN is reading this: for the love of
god fix your iOS and OS X clients, so they don't log out randomly. I can't
even begin to describe how frustrating that is.

------
billpg
I'm getting a TLS error from this link. Is it for everyone or just me?

~~~
thebouv
I get that same issue.

~~~
computerfriend
Can you explain what exactly the issue is? Where is the certificate chain
breaking?

------
crisopolis
So pretty much NordVPN pokes TorGuard into suing and now... NordVPN gets to
put TorGuard in a body bag and call it a day as they've always wanted. Mission
Accomplished.

------
vortico
>$75,000

Wouldn't this only just barely cover court/lawyer costs?

~~~
phonon
That's the minimum to make it a Federal lawsuit. The damages, if any, would be
determined later.

------
rb666
Why even use NordVPN when you can have AirVPN. Better in all ways...

------
sleepyburrito
PIA has been caught orchestrating smearing campaign against nord in the past.
It's funny to see how pias employee is all over this thread again, trying to
undermine a competitor. Are you a messenger now for torguard now also?

------
mqbqi
What exactly is the "confidential and trade secret information" about?

~~~
Aromasin
Seems that there were some massive security vulnerabilities that NordVPN
found. [1] I'm very interested in seeing how this court case works out, as at
this point I don't know who to believe.

[1] [https://nordvpn.com/blog/torguard-
lawsuit/](https://nordvpn.com/blog/torguard-lawsuit/)

------
skippybobby
You can clearly see that TG include stuff about Nord that aint related to the
lawsuit, nor to the court itself, and thats clearly why - to make Nord look
bad guys in this scenario, while all the claims sounds like bs. Torguard
hasn’t even filled in the correct company name when they filed the suit first,
which speaks for itself on how professional they are. Anyhow, how is that Nord
the bad guy now and everyone forgets the fact that they just wanted to let
torguard know about their own vulnerability to fix?

~~~
robertthebruce
And how do you know the Micfo IP fraud is not related to NordVPN? They were
using them extensively.

Collective Seven (C7) is related to a very long list of VPNs, including Nord,
yet NordVPN has denied knowing them.

> Anyhow, how is that Nord the bad guy now and everyone forgets the fact that
> they just wanted to let torguard know about their own vulnerability to fix?

It looks bad because they tried to force censorship in exchange for a non
vulnerability. Torguard has a bounty program but instead Nord sent someone to
the Torguard employee's house and tried to intimidate them into silencing a
Youtuber.

It appears Nord knew what they had was not a vulnerability but still wanted
use it as leverage for taking down the Youtuber's videos. This is censorship
at it's worst.

