Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Friday August 04 2017, @02:14PM   Printer-friendly
from the oh-oh dept.

Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.

According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.

[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.

Grauniad source: Briton who stopped WannaCry attack arrested over separate malware claims

Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.

Update: Detention quickly turned to arrest and indictment. Also at NPR, Motherboard, and the L.A. Times.

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]


Original Submission #1   Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by frojack on Friday August 04 2017, @09:32PM (2 children)

    by frojack (1554) on Friday August 04 2017, @09:32PM (#548873) Journal

    And of course, the mere fact that he was arrested in the US means defacto that he must be innocent, right BsAtHome?

    Had he been arrested in France, or Russia, there's at least a chance he was guilty, but not if he was arrested in the US.

    Hutchins is described as having created, maintained and marketed the Kronos banking Trojan from July 2014 to July 2015.
    Kronos was first made available online in early 2014, including on AlphaBay, a secret marketplace for buying drugs and other illicit items. Last month, the Justice Department seized AlphaBay, which could be accessed only through a special Internet browser that scrambles traffic. (tor).

    Hutchins may have been unmasked during the AlphaBay investigation. When federal agents took down the service, they came into possession of its electronic records and may have been able to trace who was behind Kronos’ creation.

    --
    No, you are mistaken. I've always had this sig.
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by takyon on Saturday August 05 2017, @04:11AM

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Saturday August 05 2017, @04:11AM (#549002) Journal

    If you are arrested for hacking in Russia, you are either anti-Putin, hacked the wrong Russian target, or didn't pay off the right people. It is a completely avoidable arrest for a hacker.

    As has already been noted, traveling to the U.S. is your sin if you are a "security researcher". It's punishment for being stupid enough to set foot on U.S. soil (or even an ally with an extradition agreement).

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
  • (Score: 2) by Lester on Saturday August 05 2017, @10:56AM

    by Lester (6231) on Saturday August 05 2017, @10:56AM (#549079) Journal

    Didn't USA know anything about the crime until he landed in USA? USA could have contacted with UK to run an investigation together. There are many international cybercrime investigations, pedophiles etc. I often read news like "In an international operation X men were arrested in Y countries". Why did USA keep secret the investigation until he came into USA? The first answer comes to my mind is: The have no convincing proofs to demand extradition, but USA will accept more loose courts and government proofs. Are they making up the case because they want to catch him for other reasons, like Julian Assange?.

    That's sad to say form a country that once was considered the paradigm of liberty and the empire of law.

    • If a foreign citizen is arrested in Russia, China, North Corea etc about a cybercrime. Odds are that there are political issues.
    • If a foreign citizen is arrested in France about a cybercrime, probably there is a case.
    • If a foreign citizen is arrested in USA about a cybercrime when stepping into de USA. maybe there is a political issue, maybe involving copyright issues, releasing tools against security etc..

    That's the current reputation of USA. Instead of complaining, it should wonder what has done to get it. I hope the conclusion is not "libertarian propaganda" or something like that.

    On the other hand, you are right. Too soon to have an opinion.