Marcus Hutchins, a British citizen credited for slowing down the WannaCry ransomware attacks by registering a domain [malwaretech.com], has been arrested for allegedly creating and distributing the Kronos virus. He was in Las Vegas attending Black Hat and Def Con:
On Wednesday, US authorities detained a researcher who goes by the handle MalwareTech, best known for stopping the spread of the WannaCry ransomware virus.
In May, WannaCry infected hospitals [vice.com] in the UK, a Spanish telecommunications company, and other targets in Russia, Turkey, Germany, Vietnam, and more. Marcus Hutchins, a researcher from cybersecurity firm Kryptos Logic, inadvertently stopped WannaCry in its tracks by registering a specific website domain included in the malware's code.
Hutchins was arrested for allegedly creating the Kronos banking malware [vice.com].
Motherboard verified that a detainee called Marcus Hutchins, 23, was being held at the Henderson Detention Center in Nevada early on Thursday. A few hours after, Hutchins was moved to another facility, according to a close personal friend.
Some are jumping to MalwareTech's defense [npr.org]:
Andrew Mabbit, founder of cyber firm Fidus Information Security, said on Twitter that he was trying to find Hutchins a lawyer and would soon be crowdfunding cash for his legal representation.
"I refuse to believe the charges against @MalwareTechBlog," Mabbitt said [twitter.com], referring to Hutchins' Twitter handle. "He spent his career stopping malware, not writing it."
[...] Another researcher Kevin Beaumont tweeted [twitter.com] that the Department of Justice had made a "huge mistake."
Beaumont tweeted that Hutchins' business is to infiltrate malware like Kronos, monitor them and sell that data to law enforcement.
Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS [soylentnews.org]
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated] [soylentnews.org]