The 22 year old British security expert who was credited with slowing down the spread of the WannaCry ransomware back in May has been arrested on separate charges of creating malware used in hacking banking systems across Europe and Canada.
Marcus Hutchins who owns the blog Malware Tech was arrested in Las Vegas by American authorities is accused of creating the Kronos banking malware that was responsible for stealing user names and passwords of infected machines according to court documents.
Hutchins was said to be attending the Black Hat and Def Con conferences in Las Vegas where many hailed him as the hero behind the stop of WannaCry malware which infected computers across the world including those of life saving institutions like the British National Health Service (NHS) and this means by extension that the guy may have saved lives too.
Many have expressed shock at his arrest and the U.K. National Cyber Security Centre said in a statement that “We are aware of the situation. This is a law enforcement matter and it would be inappropriate to comment further.”
Hutchins who faces up to 40 years in jail allegedly wrote the Kronos malware and reportedly advertised it on hacker forums but it gets tricky because he is not accused of directly hacking into banking systems but being only the producers and distributor which has seen him make thousands of dollars according to the law enforcement authorities in the US.
This could be linked to the AlphaBay (an online market place for illegal stuff that they say sells drugs, guns and hacking tools among others) site that was shut down by the FBI. They say Hutchins may have sold his software there too which is why could be why they arrested him in the first place. Alexandre Cazes the 26 year old founder of AlphaBay was found dead in his cell in Thailand in what they say may be a suicide.
While his fellow cyber security experts say they are still in shock, it’s not clear whether the US authorities will eventually send him back to the UK to continue facing charges there but it looks though as if he could be facing prison time in the US. The close intelligence sharing relationship between the US and UK may change this though but that’s left to be seen as of today.
Several cyber advocacy groups like the Electronic Frontier Foundation (EFF) have started reaching out to Hutchins and according to them, they say they are “deeply concerned” about it but provided no further details about specific actions they might take in this case.