A 23-year-old British security researcher hailed as a hero for singlehandedly stopping the unprecedented WannaCry ransomware worm from spreading further after infecting millions of computers systems in May has been arrested in Nevada on hacking charges and taken into U.S. federal custody.
Marcus Hutchins, also known by his Twitter handle, @MalwareTech, has been arrested by the FBI, the U.S. Marshals Service said Thursday afternoon, confirming a report first published by Motherboard, Vice’s online tech magazine.
Mr. Hutchins, who had traveled to Las Vegas to attend the annual Black Hat and DefCon security conference last week, was apprehended Wednesday, Motherboard reported.
The Justice Department has since unsealed a federal indictment criminally charging Mr. Hutchins with six counts in connection with allegedly creating and distributing Kronos, a banking Trojan commercially sold on the dark web and used by cybercriminals to harvest stolen financial credentials.
“The charges against Hutchins, and for which he was arrested, relate to alleged conduct that occurred between in or around July 2014 and July 2015,” a Justice Department spokesperson told ZDNet.
He was listed Wednesday as an inmate at Henderson Detention Center in Nevada on but has since been transferred elsewhere, a friend told Motherboard on condition of anonymity.
“I’ve spoken to the U.S. Marshals again and they say they have no record of Marcus being in the system. At this point we’ve been trying to get in contact with Marcus for 18 hours and nobody knows where he’s been taken,” the source said Thursday. “
“We are aware a U.K. national has been arrested but it’s a matter for the authorities in the U.S.,” a spokesperson for the U.K.’s National Crime Agency told Motherboard.
The FBI did not immediately respond to requests for comment.
Mr. Hutchins became an unwilling celebrity earlier this year after locating and utilizing a “kill switch” that curbed the spread of WannaCry, a ransomware worm blamed with infecting upwards of 2 million computer systems in over 150 countries by exploiting previously disclosed security vulnerabilities affecting certain Microsoft Windows operating systems. Despite wishing to remain anonymous, Mr. Hutchins was soon identified by British media as the security researcher behind the Twitter account credited with discovering the kill switch, much to his chagrin.
“I’m pleased we’ve stopped the ransomware but the fame I’m not happy about,” he told Forbes previously.
Thousands of security professionals, hackers and hobbyists converge to Las Vegas annually for Black Hat and DefCon, which celebrated their 20th and 25th anniversaries this year, respectively.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.