|
Cyber expert who stopped
'WannaCry' attack arrested in U.S. on hacking charges
Send a link to a friend
 [August 04, 2017]
By Dustin Volz and John L. Smith
SAN FRANCISCO/LAS VEGAS (Reuters) - A cyber
security researcher widely credited with helping to neutralize the
global "WannaCry" ransomware attack earlier this year has been arrested
on unrelated hacking charges, according to court documents unsealed on
Thursday.
Marcus Hutchins, a 23-year-old British-based malware researcher who
gained attention in May for detecting a "kill switch" that effectively
disabled the WannaCry worm, was detained by the FBI in Las Vegas on
Wednesday, a U.S. Justice Department spokesman said. He was among tens
of thousands of hackers who had descended on the city during the annual
Black Hat and Def Con conventions.
An indictment filed in a U.S. District Court in Wisconsin accused
Hutchins, also known online as "MalwareTech," of advertising,
distributing and profiting from malware code known as "Kronos" that
stole online banking credentials and credit card data. Hutchins' alleged
activity took place between July 2014 and July 2015, according to the
indictment.
Hutchins, who faces six counts related to Kronos, was indicted along
with an unnamed co-defendant on July 12, but the case remained under
seal until Thursday, a day after his arrest.
Hutchins appeared before U.S. Judge Nancy Koppe in Las Vegas on
Thursday. Dan Coe, a federal public defender, told the court Hutchins
"had cooperated with the government prior to being charged."
The hearing was scheduled to continue Friday afternoon to determine
whether he will be represented by private legal counsel or a public
defender.
Hutchins showed no emotion as Koppe read the charges against him.
KRONOS MALWARE
Kronos malware downloaded from email attachments left victims' systems
vulnerable to theft of banking and credit card credentials, which could
have been used to siphon money from bank accounts.
[to top of second column] |
The Department of Justice (DOJ) logo is pictured on a wall in New
York, United States, December 5, 2013. REUTERS/Carlo Allegri/File
Photo
The indictment alleges that the unidentified co-defendant advertised the Kronos
malware on AlphaBay, a dark web marketplace that international authorities took
offline last month. Investigators said the site allowed anonymous users to
facilitate global trade in drugs, firearms, hacking tools and other illicit
goods.
The Justice Department said Kronos was used to steal banking systems credentials
in Canada, Germany, Poland, France, the United Kingdom and other countries.
Within the cyber security community, Hutchins was heralded as a folk hero for
his apparent role in stopping the WannaCry attack, which infected hundreds of
thousands of computers and caused disruptions at car factories, hospitals, shops
and schools in more than 150 countries.
A Justice Department official said his arrest was unrelated to WannaCry.
Some security researchers and computer crime experts said they were skeptical of
the charges against Hutchins.
"The government needs to show intent to further a crime," said Orin Kerr, a
professor at George Washington University Law School and expert on computer
crime. "Merely creating and selling malware, on its own, isn't enough."
Reuters was unable to reach Hutchins. Salim Neino, chief executive of the
California-based Kryptos Logic, the security firm where Hutchins is employed,
did not respond to requests for comment.
Hutchins' arrest was first reported by the security website Motherboard.
(Reporting by Dustin Volz in San Francisco and John Smith in Las Vegas,
additional reporting by Joseph Menn and Eric Auchard; editing by G Crosse and
David Gregorio)
[© 2017 Thomson Reuters. All rights
reserved.] Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
