NEVADA – Man arrested for WannaCry cyber-attack

LAS VEGAS – The British cyber-security researcher who was praised for stalling the worldwide WannaCry cyber-attack has been arrested in Las Vegas.

Marcus Hutchins, 23, has been charged for involvement with Kronos – a separate piece of malware used to steal banking logins from victims’ computers.

Fellow cyber-security researchers have expressed surprise at the indictment.

The UK’s National Cyber Security Centre has said that it is aware of the situation.

WannaCry spread rapidly through computer systems around the world, in an unprecedented outbreak that began on May 12.

Shortly afterwards, Hutchins was thrust into the limelight after he found a way to stop it from spreading.

He had been in Las Vegas attending the Black Hat and Def Con cyber-security conferences, but activity on his Twitter feed – usually highly active – ceased a day ago.

Marcus Hutchins wanted to remain anonymous after the WannaCry outbreak, but his identity was later revealed.

“Marcus Hutchins… a citizen and resident of the United Kingdom, was arrested in the United States on 2 August, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan,” the US Department of Justice (DOJ) said in a statement.

“The charges against Hutchins, and for which he was arrested, relate to alleged conduct that occurred between in or around July 2014 and July 2015.”

Kronos is malware that is designed to steal banking login and other financial data from infected computers.

The DoJ’s indictment alleges that Hutchins created and sold Kronos on internet forums, including the AlphaBay dark web market, which was recently shut down after an international law enforcement operation.

A second defendant is included in the indictment, but their name has not been made public.

Hutchins’ job involves investigating malware. Some who work in the same industry have expressed disbelief at his arrest.

“It looks like the US justice system has made a huge mistake,” said fellow researcher Kevin Beaumont on Twitter.

A spokesman for the UK’s National Cyber Security Centre said: “This is a law enforcement matter and it would be inappropriate to comment further.”

Hutchins was arrested while at an airport, according to a colleague who wished to remain anonymous.

“We tried to visit him at [the detention centre], but he was moved before visiting hours,” they told the BBC.

“We’ve not had any contact with him for 18 hours now.”

The arrest was first reported by news site Motherboard, which indicated the FBI was involved.

It is not known where Hutchins is being held in custody.

The British Consulate in Los Angeles issued the following statement: “We are in touch with local authorities in Las Vegas following reports of a British man being arrested.”

San Francisco-based digital rights group the Electronic Frontier Foundation said it was “deeply concerned” and added it was looking into the matter.

Source: (BBC)

Leave a Reply

Your email address will not be published. Required fields are marked *