🤑 It doesn’t get more affordable. Grab this 60% OFF Black Friday offer before it disappears…CLAIM SALE

Cyber expert who stopped 'WannaCry' attack arrested in U.S. on hacking charges

Published 08/03/2017, 08:24 PM
© Reuters. FILE PHOTO: The DOJ logo is pictured on a wall after a news conference in New York

By Dustin Volz and John L. Smith

SAN FRANCISCO/LAS VEGAS (Reuters) - A cyber security researcher widely credited with helping to neutralize the global "WannaCry" ransomware attack earlier this year has been arrested on unrelated hacking charges, according to court documents unsealed on Thursday.

Marcus Hutchins, a 23-year-old British-based malware researcher who gained attention in May for detecting a "kill switch" that effectively disabled the WannaCry worm, was detained by the FBI in Las Vegas on Wednesday, a U.S. Justice Department spokesman said. He was among tens of thousands of hackers who had descended on the city during the annual Black Hat and Def Con conventions.

An indictment filed in a U.S. District Court in Wisconsin accused Hutchins, also known online as "MalwareTech," of advertising, distributing and profiting from malware code known as "Kronos" that stole online banking credentials and credit card data. Hutchins' alleged activity took place between July 2014 and July 2015, according to the indictment.

Hutchins, who faces six counts related to Kronos, was indicted along with an unnamed co-defendant on July 12, but the case remained under seal until Thursday, a day after his arrest.

Hutchins appeared before U.S. Judge Nancy Koppe in Las Vegas on Thursday. Dan Coe, a federal public defender, told the court Hutchins "had cooperated with the government prior to being charged."

The hearing was scheduled to continue Friday afternoon to determine whether he will be represented by private legal counsel or a public defender.

Hutchins showed no emotion as Koppe read the charges against him.

KRONOS MALWARE

Kronos malware downloaded from email attachments left victims' systems vulnerable to theft of banking and credit card credentials, which could have been used to siphon money from bank accounts.

The indictment alleges that the unidentified co-defendant advertised the Kronos malware on AlphaBay, a dark web marketplace that international authorities took offline last month. Investigators said the site allowed anonymous users to facilitate global trade in drugs, firearms, hacking tools and other illicit goods.

The Justice Department said Kronos was used to steal banking systems credentials in Canada, Germany, Poland, France, the United Kingdom and other countries.

Within the cyber security community, Hutchins was heralded as a folk hero for his apparent role in stopping the WannaCry attack, which infected hundreds of thousands of computers and caused disruptions at car factories, hospitals, shops and schools in more than 150 countries.

A Justice Department official said his arrest was unrelated to WannaCry.

Some security researchers and computer crime experts said they were skeptical of the charges against Hutchins.

"The government needs to show intent to further a crime," said Orin Kerr, a professor at George Washington University Law School and expert on computer crime. "Merely creating and selling malware, on its own, isn't enough."

Reuters was unable to reach Hutchins. Salim Neino, chief executive of the California-based Kryptos Logic, the security firm where Hutchins is employed, did not respond to requests for comment.

© Reuters. FILE PHOTO: The DOJ logo is pictured on a wall after a news conference in New York

Hutchins' arrest was first reported by the security website Motherboard.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.