Back when the WannaCry malware attack hit several months ago and began causing panic, one young British security researcher, Marcus Hutchins, made headlines after discovering a way to stop the ransomware in its tracks. At the time, he was applauded for his efforts but in a surprise twist, the FBI has arrested him, accusing him of helping to create ‘Kronos’ a trojan that affected banks.
Hutchins works at Kryptos Logic and is perhaps best known by his Twitter name @MalwareTechBlog. He was arrested by the FBI just as he was about to board a plane leaving the US, following Def Con in Las Vegas. The US Department of Justice confirmed that the charges he’s been arrested for relate to “alleged conduct that occurred between or in July 2014 and July 2015”.
Back in July 2014, Hutchins did tweet out asking for a Kronos trojan sample. It seems this could be part of the evidence the FBI gathered. He is also being accused of helping to update Kronos in February 2015, around six months after it first went up for sale on the dark web. Beyond that, the investigators also reckon that Hutchins helped sell the malware on marketplaces like AlphaBay, which was shut down earlier this year.
Fellow security experts on Twitter have expressed their surprise and disbelief at the charges levied at Hutchins. Fidus Information Security founder, Andrew Mabbit, has been working to secure legal representation for him, meanwhile Kevin Beaumont has been tweeting out in his defence, believing the allegations to be a mistake.
As usual, an indictment does not make someone guilty, nor does it contain any evidence. Still, we don’t know exactly what evidence the FBI has on its side to warrant this arrest.
KitGuru Says: This is a surprising turn of events to say the least. Hopefully we will hear more details surrounding this investigation soon.