Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.
According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.
The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.
[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.
Grauniad source: Briton who stopped WannaCry attack arrested over separate malware claims
Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.
Update: Detention quickly turned to arrest and indictment. Also at NPR, Motherboard, and the L.A. Times.
Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]
(Score: 3, Informative) by frojack on Friday August 04 2017, @09:32PM (2 children)
And of course, the mere fact that he was arrested in the US means defacto that he must be innocent, right BsAtHome?
Had he been arrested in France, or Russia, there's at least a chance he was guilty, but not if he was arrested in the US.
No, you are mistaken. I've always had this sig.
(Score: 2) by takyon on Saturday August 05 2017, @04:11AM
If you are arrested for hacking in Russia, you are either anti-Putin, hacked the wrong Russian target, or didn't pay off the right people. It is a completely avoidable arrest for a hacker.
As has already been noted, traveling to the U.S. is your sin if you are a "security researcher". It's punishment for being stupid enough to set foot on U.S. soil (or even an ally with an extradition agreement).
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by Lester on Saturday August 05 2017, @10:56AM
Didn't USA know anything about the crime until he landed in USA? USA could have contacted with UK to run an investigation together. There are many international cybercrime investigations, pedophiles etc. I often read news like "In an international operation X men were arrested in Y countries". Why did USA keep secret the investigation until he came into USA? The first answer comes to my mind is: The have no convincing proofs to demand extradition, but USA will accept more loose courts and government proofs. Are they making up the case because they want to catch him for other reasons, like Julian Assange?.
That's sad to say form a country that once was considered the paradigm of liberty and the empire of law.
That's the current reputation of USA. Instead of complaining, it should wonder what has done to get it. I hope the conclusion is not "libertarian propaganda" or something like that.
On the other hand, you are right. Too soon to have an opinion.