Slash Boxes

SoylentNews is people

Submission Preview

Security Researcher Credited for Finding WannaCry Kill Switch Arrested for Allegedly Creating Virus

Rejected submission by takyon at 2017-08-03 23:18:35

+digital liberty

Marcus Hutchins, a British citizen credited for slowing down the WannaCry ransomware attacks by registering a domain [], has been arrested for allegedly creating and distributing the Kronos virus. He was in Las Vegas attending Black Hat and Def Con:

On Wednesday, US authorities detained a researcher who goes by the handle MalwareTech, best known for stopping the spread of the WannaCry ransomware virus.

In May, WannaCry infected hospitals [] in the UK, a Spanish telecommunications company, and other targets in Russia, Turkey, Germany, Vietnam, and more. Marcus Hutchins, a researcher from cybersecurity firm Kryptos Logic, inadvertently stopped WannaCry in its tracks by registering a specific website domain included in the malware's code.

Hutchins was arrested for allegedly creating the Kronos banking malware [].

Motherboard verified that a detainee called Marcus Hutchins, 23, was being held at the Henderson Detention Center in Nevada early on Thursday. A few hours after, Hutchins was moved to another facility, according to a close personal friend.

Some are jumping to MalwareTech's defense []:

Andrew Mabbit, founder of cyber firm Fidus Information Security, said on Twitter that he was trying to find Hutchins a lawyer and would soon be crowdfunding cash for his legal representation.

"I refuse to believe the charges against @MalwareTechBlog," Mabbitt said [], referring to Hutchins' Twitter handle. "He spent his career stopping malware, not writing it."

[...] Another researcher Kevin Beaumont tweeted [] that the Department of Justice had made a "huge mistake."

Beaumont tweeted that Hutchins' business is to infiltrate malware like Kronos, monitor them and sell that data to law enforcement.

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS []
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated] []

Original Submission