Stories
Slash Boxes
Comments

SoylentNews is people

Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con

posted by mrpg on Friday August 04 2017, @02:14PM   Printer-friendly
from the oh-oh dept.

canopic jug writes:

Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.

According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.

[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.

Grauniad source: Briton who stopped WannaCry attack arrested over separate malware claims

Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.

Update: Detention quickly turned to arrest and indictment. Also at NPR, Motherboard, and the L.A. Times.

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]

Original Submission #1   Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con | Log In/Create an Account | Top | 42 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Insightful) by BsAtHome on Friday August 04 2017, @03:26PM (18 children)

    by BsAtHome (889) on Friday August 04 2017, @03:26PM (#548758)

    First lesson learned: do not travel to the US
    Second lesson learned: see first.

    This may be called hype or over the top, but it shouldn't have escaped anybody by now that the climate across the pond has become rather bad. The discomforts of immigration, TSA and security theater should make the risks of traveling to the US obvious to us all. The IETF already changed venue, it may be prudent for others to follow suit rather sooner than later.

    Starting Score:    1  point
    Moderation   +4  
       Insightful=2, Interesting=1, Informative=1, Total=4
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 5, Insightful) by FatPhil on Friday August 04 2017, @03:46PM (8 children)

    by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Friday August 04 2017, @03:46PM (#548766) Homepage
    Indeed. Avoiding the US isn't just "SJW virtue signalling" (to quote the IETF story's comments, https://soylentnews.org/article.pl?sid=17/07/17/041248 ), it's simply a practical way of avoiding a wild and unpredictable oppressive regime.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves

    • (Score: 3, Funny) by PiMuNu on Friday August 04 2017, @03:57PM (3 children)

      by PiMuNu (3823) on Friday August 04 2017, @03:57PM (#548772)

      Ironically, the phrase "SJW signalling" is in itself "alt-right signalling". But by writing this, I am surely performing "SJW signalling" and "alt-right signalling". Proof that alt-right are SJWs!

      • (Score: 1, Insightful) by Anonymous Coward on Friday August 04 2017, @06:26PM

        by Anonymous Coward on Friday August 04 2017, @06:26PM (#548818)

        Close. The alt-right and SJWs are both authoritarian followers.

      • (Score: 0) by Anonymous Coward on Friday August 04 2017, @09:25PM

        by Anonymous Coward on Friday August 04 2017, @09:25PM (#548870)

        Proof that alt-right are SJWs!

        And vice versa!

      • (Score: 2) by Phoenix666 on Saturday August 05 2017, @01:09AM

        by Phoenix666 (552) on Saturday August 05 2017, @01:09AM (#548959) Journal

        Dammit, I always get lost between the second and third iteration of these recursive rectal-cranial inversions...

        --
        Washington DC delenda est.

    • (Score: 4, Informative) by DeathMonkey on Friday August 04 2017, @05:04PM (3 children)

      by DeathMonkey (1380) on Friday August 04 2017, @05:04PM (#548798) Journal

      Tourism to the U.S. Has Been in Decline Since Trump Took Office [nbcnews.com]

      You reap what you sow...

      • (Score: 2) by FatPhil on Friday August 04 2017, @06:53PM

        by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Friday August 04 2017, @06:53PM (#548826) Homepage
        I think I promised I would never visit the US and by so doing contribute to the US economy back in about 2001. More people I speak to seem to be adopting that way of thinking.
        --
        Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves

      • (Score: 0) by Anonymous Coward on Saturday August 05 2017, @12:49AM (1 child)

        by Anonymous Coward on Saturday August 05 2017, @12:49AM (#548945)

        Its been on the decline since GWB.

        • (Score: 3, Insightful) by caffeine on Saturday August 05 2017, @02:44AM

          by caffeine (249) on Saturday August 05 2017, @02:44AM (#548973)

          Perhaps it is related to requiring visitors to be fingerprinted to enter the country? That was a GWb initiative from memory.

  • (Score: 0) by Anonymous Coward on Friday August 04 2017, @04:04PM

    by Anonymous Coward on Friday August 04 2017, @04:04PM (#548773)

    More like "First lesson learned: don't touch the banks" because they're a higher class of criminal and they will destroy you.

  • (Score: 2) by epitaxial on Friday August 04 2017, @05:26PM

    by epitaxial (3165) on Friday August 04 2017, @05:26PM (#548807)

    Maybe you should read some of the articles before typing. He was arrested in connection with a previous strain of ransomware. Also by strange coincidence the bitcoin wallets for the ransom payments were emptied after his arrest.

  • (Score: 2) by iWantToKeepAnon on Friday August 04 2017, @08:40PM (1 child)

    by iWantToKeepAnon (686) on Friday August 04 2017, @08:40PM (#548861) Homepage Journal
    For rulers hold no terror for those who do right, but for those who do wrong. Do you want to be free from fear of the one in authority? Then do what is right and you will be commended.
    --
    "Happy families are all alike; every unhappy family is unhappy in its own way." -- Anna Karenina by Leo Tolstoy

    • (Score: 4, Insightful) by Justin Case on Friday August 04 2017, @09:36PM

      by Justin Case (4239) on Friday August 04 2017, @09:36PM (#548875) Journal

      Yeah that's all fine until that random day you get a ruler who thinks it's OK to grab strangers by the pussy.

      I know, a crazy, contrived example, but just on the outlandish chance that it should happen in some alternate universe, would that now make pussy-grabbers "right" and grab-resisters "wrong"?

      (Stop sucking authority's cock, useful idiot.)

  • (Score: 3, Informative) by frojack on Friday August 04 2017, @09:32PM (2 children)

    by frojack (1554) on Friday August 04 2017, @09:32PM (#548873) Journal

    And of course, the mere fact that he was arrested in the US means defacto that he must be innocent, right BsAtHome?

    Had he been arrested in France, or Russia, there's at least a chance he was guilty, but not if he was arrested in the US.

    Hutchins is described as having created, maintained and marketed the Kronos banking Trojan from July 2014 to July 2015.
    Kronos was first made available online in early 2014, including on AlphaBay, a secret marketplace for buying drugs and other illicit items. Last month, the Justice Department seized AlphaBay, which could be accessed only through a special Internet browser that scrambles traffic. (tor).

    Hutchins may have been unmasked during the AlphaBay investigation. When federal agents took down the service, they came into possession of its electronic records and may have been able to trace who was behind Kronos’ creation.

    --
    No, you are mistaken. I've always had this sig.

    • (Score: 2) by takyon on Saturday August 05 2017, @04:11AM

      by takyon (881) <takyonNO@SPAMsoylentnews.org> on Saturday August 05 2017, @04:11AM (#549002) Journal

      If you are arrested for hacking in Russia, you are either anti-Putin, hacked the wrong Russian target, or didn't pay off the right people. It is a completely avoidable arrest for a hacker.

      As has already been noted, traveling to the U.S. is your sin if you are a "security researcher". It's punishment for being stupid enough to set foot on U.S. soil (or even an ally with an extradition agreement).

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]

    • (Score: 2) by Lester on Saturday August 05 2017, @10:56AM

      by Lester (6231) on Saturday August 05 2017, @10:56AM (#549079) Journal

      Didn't USA know anything about the crime until he landed in USA? USA could have contacted with UK to run an investigation together. There are many international cybercrime investigations, pedophiles etc. I often read news like "In an international operation X men were arrested in Y countries". Why did USA keep secret the investigation until he came into USA? The first answer comes to my mind is: The have no convincing proofs to demand extradition, but USA will accept more loose courts and government proofs. Are they making up the case because they want to catch him for other reasons, like Julian Assange?.

      That's sad to say form a country that once was considered the paradigm of liberty and the empire of law.

      • If a foreign citizen is arrested in Russia, China, North Corea etc about a cybercrime. Odds are that there are political issues.
      • If a foreign citizen is arrested in France about a cybercrime, probably there is a case.
      • If a foreign citizen is arrested in USA about a cybercrime when stepping into de USA. maybe there is a political issue, maybe involving copyright issues, releasing tools against security etc..

      That's the current reputation of USA. Instead of complaining, it should wonder what has done to get it. I hope the conclusion is not "libertarian propaganda" or something like that.

      On the other hand, you are right. Too soon to have an opinion.

  • (Score: 0) by Anonymous Coward on Saturday August 05 2017, @12:50AM (1 child)

    by Anonymous Coward on Saturday August 05 2017, @12:50AM (#548946)
    First lesson: stop breaking the law asshole.

    • (Score: 0) by Anonymous Coward on Saturday August 05 2017, @07:22PM

      by Anonymous Coward on Saturday August 05 2017, @07:22PM (#549172)

      oh, stfu with your "law".