Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Monday July 30 2018, @04:38PM   Printer-friendly [Skip to comment(s)]
from the windows-TCO dept.

Independent journalist Marcy Wheeler has written a summary of the current state of the case against Marcus Hutchins. Marcus is also known online as MalwareTech and came into the spotlight last year for stopping another global outbreak of more Microsoft Windows malware.

In short, she covers the following five points about the case:

  • Motion for a Bill of Particulars with respect to CFAA charges [...]
  • Challenge to Seventh Count (CFAA) [...]
  • Motion to dismiss the whole damn indictment [...]
  • Motion to dismiss wiretapping because Congress never intended to charge foreigners with wiretapping and none of the rest of this happened in the United States [...]
  • Motion to compel the identity of Randy [...]

Marcus was arrested last year after attending a security conference inside the US.

Earlier on SN:
Marcus Hutchins, WannaCry-Killer, Hit With Four New Charges by the FBI (2018)
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con (2017)
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS (2017)


Original Submission

Related Stories

"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS 88 comments

NSA-created cyber tool spawns global ransomware attacks

From Politico via Edward Snowden via Vinay Gupta:

Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia and the U.S., with Russia among the hardest-hit countries.

The unique malware causing the attacks - which has spread to tens of thousands of companies in 99 countries, according to the cyber firm Avast - have forced some hospitals to stop admitting new patients with serious medical conditions and driven other companies to shut down their networks, leaving valuable files unavailable.

The source of the world-wide digital assault seems to be a version of an apparent NSA-created hacking tool that was dumped online in April by a group calling itself the Shadow Brokers. The tool, a type of ransomware, locks up a company's networks and holds files and data hostage until a fee is paid. Researchers said the malware is exploiting a Microsoft software flaw.

Thoughts on a similar scenario were published by the Harvard Business Review two days before this incident.

One or more anti-virus companies may have been hacked prior to WannaCrypt infecting 75000 Microsoft Windows computers in 99 countries. First, anti-virus software like Avast fails to make HTTP connections. Second, five million of ransomware emails are rapidly sent. Although many centralized email servers were able to stem the onslaught, many instances of anti-virus software had outdated virus definitions and were defenseless against the attack. Indeed, successful attacks were above 1%. Of these, more than 1% have already paid the ransom. Although various governments have rules (or laws) against paying ransom, it is possible that ransoms have been paid to regain access to some systems.

Also, file scrambling ransomware has similarities to REAMDE by Neal Stephenson. Although the book is extremely badly written, its scenarios (offline and online) seem to come true with forceful regularity.

Further sources: BBC (and here), Russia Today, DailyFail, Telegraph, Guardian.

Telefónica reportedly affected. NHS failed to patch computers which affected US hospitals in 2016. 16 divisions of the UK's NHS taken offline with aid of NSA Fuzzbunch exploit. The fun of a public blockchain is that ransom payments of £415,000 have been confirmed. Cancellation of heart surgery confirmed. Doctors unable to check allergies or prescribe medication. Patient access to emergency treatment denied in part due to hospital telephone exchange being offline.

It also appears that one of the affected parties refused to answer a Freedom of Information request in Nov 2016 about cyber-security due to impact on crime detection. Similar parties provided responses to the same request.

Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con 42 comments

Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.

According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.

[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.

Grauniad source: Briton who stopped WannaCry attack arrested over separate malware claims

Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.

Update: Detention quickly turned to arrest and indictment. Also at NPR, Motherboard, and the L.A. Times.

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]


Original Submission #1   Original Submission #2

Marcus Hutchins, WannaCry-Killer, Hit With Four New Charges by the FBI 28 comments

https://thehackernews.com/2018/06/marcus-hutchins-malware.html

Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information.

Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference in Las Vegas for his alleged role in creating and distributing Kronos between 2014 and 2015.

Kronos is a Banking Trojan designed to steal banking credentials and personal information from victims' computers, which was sold for $7,000 on Russian online forums, and the FBI accused Hutchins of writing and promoting it online, including via YouTube.

Hutchins pleaded not guilty at a court hearing in August 2017 in Milwaukee and release on $30,000 bail.

However, earlier this week, a revised superseding indictment [PDF] was filed with the Wisconsin Eastern District Court, under which Hutchins faces four new charges along with the six prior counts filed against him by the FBI a month before his arrest.

According to the new indictment, Hutchins created a second piece of malware, known as "UPAS Kit," and also lied to the Federal Bureau of Investigations (FBI) when he was arrested and questioned last year in Las Vegas.

[...] As the news on the revised indictment broke, Hutchins, who has repeatedly denied any illegal activity, called the charges "bullshit" and appealed to his Twitter followers for donations to cover legal costs.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 0) by Anonymous Coward on Monday July 30 2018, @05:05PM (1 child)

    by Anonymous Coward on Monday July 30 2018, @05:05PM (#714812)

    So the government is moving the goalposts while trying to redefine the rules and the charges? Sounds about right :-/

    • (Score: 4, Insightful) by c0lo on Monday July 30 2018, @05:36PM

      by c0lo (156) on Monday July 30 2018, @05:36PM (#714834) Journal

      No good deed goes unpunished.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0
  • (Score: 5, Insightful) by Snotnose on Monday July 30 2018, @05:20PM (2 children)

    by Snotnose (1623) on Monday July 30 2018, @05:20PM (#714824)

    His legal state may be zero, but what has he spent on legal bills and time wasted so for?

    It's not like if he wins the guv'mint will repay his legal bills.

    --
    The dishes in the sink are giving me dirty looks again.
    • (Score: 2) by MichaelDavidCrawford on Monday July 30 2018, @07:41PM (1 child)

      When Trump or maybe it was Cohen sued Stormy Daniels, a whole bunch of GoFundMe projects sprung up so as to pay her legal bills, with the result that a few million dollars were raised.

      Here's to hoping all that money was ultimately given to her.

      --
      Yes I Have No Bananas. [gofundme.com]
      • (Score: 0) by Anonymous Coward on Tuesday July 31 2018, @12:29AM

        by Anonymous Coward on Tuesday July 31 2018, @12:29AM (#714999)

        Her lawyers probably got paid, the remainder probably went into the Democratic Party's "Trump floozy lawyer fund".

  • (Score: 2, Funny) by Anonymous Coward on Monday July 30 2018, @05:39PM

    by Anonymous Coward on Monday July 30 2018, @05:39PM (#714837)

    Malware Tech usually loses to Malware State in basketball.

  • (Score: 5, Insightful) by isostatic on Monday July 30 2018, @07:42PM

    by isostatic (365) on Monday July 30 2018, @07:42PM (#714903) Journal

    Marcus was arrested last year after attending a security conference inside the US.

    And that was his mistake. You don't travel to hostile environments like North Korea or the US without a very good plan of what happens when the government takes an interest in you.

(1)