Stories
Slash Boxes
Comments

SoylentNews is people

Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con

posted by mrpg on Friday August 04 2017, @02:14PM   Printer-friendly
from the oh-oh dept.

canopic jug writes:

Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.

According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.

[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.

Grauniad source: Briton who stopped WannaCry attack arrested over separate malware claims

Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.

Update: Detention quickly turned to arrest and indictment. Also at NPR, Motherboard, and the L.A. Times.

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]

Original Submission #1   Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con | Log In/Create an Account | Top | 42 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by FakeBeldin on Friday August 04 2017, @09:12PM (1 child)

    by FakeBeldin (3360) on Friday August 04 2017, @09:12PM (#548864) Journal

    Perhaps </wild speculation>, but that has nothing to do with why he was detained.
    He was detained in suspicion of connection to a banking trojan (Kronos).

    Just to be clear: WannaCry was ransomware. Ransomware is not a banking trojan.

    I also saw (can't find link now) a comment by a security chap stating that some of the things a security guy fighting malware would do in the normal course of events could look a lot like being a bad guy to someone not seeing the whole picture. For example, asking for a sample of a piece of malware -- kind of essential if you want to analyse it for weaknesses,... or if you want to buy it.

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 1, Interesting) by Anonymous Coward on Friday August 04 2017, @09:49PM

    by Anonymous Coward on Friday August 04 2017, @09:49PM (#548879)

    Sure, it's all speculation. But it's also strange that so many WannaCry bitcoins moved [cointelegraph.com] right after Hutchins' arrest. If you read the grand jury indictment [npr.org], it seems like the feds nailed someone else for Kronos, and he/she is pointing the finger at Hutchins as the author. Hero syndrome [wikipedia.org] is a thing.