As the WannaCry cyber hysteria subsided, Marcus Hutchins, the malware researcher and developer who helped disable the global ransomware attack, was detained in Las Vegas. The arrest, completely unrelated to the WannaCry ransomware attack, was made days after the Black Hat and Def Con events that took place in the city last July. The US Department of Justice is accusing the 23-year-old malware wizard of creating and marketing Kronos, a banking malware that was actively operating from 2014 until 2015.
WannaCry ransomware "hero" charged with six counts of cyber violations
Marcus Hutchins, aka MalwareTech in the virtual world, is a British-based cyber security researcher known for helping put out the WannaCry ransomware blaze. Hutchins did so by running his own samples of the ransomware and discovering an unregistered domain. By registering the unknown domain, Hutchins unintentionally halted the spread of the malware and prevented it from wreaking more cyber havoc on a global scale.
However, long before this noble deed, Hutchins was apparently responsible for creating Kronos, a banking malware devised to purloin credit card information and banking details. The Kronos malware was circulated online through email, which deceived recipients into downloading the attachment. Once the Kronos malware has been installed, it leaves the system prone to theft targeting the user's registered banking details and credentials.
A statement released by the US Department of Justice describes the nature of Hutchins' arrest on the 2nd of August.
"Marcus Hutchins... a citizen and resident of the United Kingdom, was arrested in the United States on August 2, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan".
The malware researcher is accused of operating, promoting, and benefiting from the malware from July 2014 until July 2015. One of the counts of the indictment that was filed in the state of Wisconsin accuses Hutchins and an unnamed accomplice of attempting to sell the malware application on AlphaBay, an online darknet market. Furthermore, the defendants are also accused of violating the Wiretap Act by making use of a device to intercept communications. In legal cases, applications and software, as well as hardware, are considered a "device". According to the US Justice Department, the Kronos malware successfully operated across the globe, especially in Canada, the United Kingdom, and other European countries. On top of the above counts, Hutchins is also apparently guilty of "violating an anti-hacking law called the Computer Fraud and Abuse Act".
The British foreign authorities have acknowledged their involvement following Hutchins' arrest and have offered support to his relatives.
"We are in contact with the local authorities in Las Vegas following the arrest of a British man and are providing support to his family".
However, the British National Cyber Security Centre deemed it unnecessary to meddle with Hutchins' arrest and declined to provide any statement on it.
"We are aware of the situation. This is a law enforcement matter and it would be inappropriate to comment further".
You can find out more about Marcus Hutchins' method of disabling the WannaCry ransomware on his blog.
Sources: MalwareTech, Motherboard, Reuters, Fortune