FBI arrests Brit who stopped WannaCry attack over malware claims

By:
James Pearce
Published on:

Marcus Hutchins, who operates under the pseudonym MalwareTech, accused of conspiring to sell malicious software used to attack bank accounts

A British cyber expert who helped to stop the WannaCry cyber-attack that hit the likes of Telefónica has been arrested for allegedly conspiring to sell malicious software that was used to attack bank accounts.

Marcus Hutchins, who uses the pseudonym MalwareTech, could face up to 40 years in prison after he was arrested by the FBI following the DefCon hacking conferred in Nevada earlier this week.

Hutchins became known to the wider world after he found a hidden “kill switch” to the WannaCry malware that hit numerous organisations including the UK’s National Health Service earlier this year.

It hit hundreds of thousands of computers across 150 countries, and has been revealed as single biggest driver for cyber insurance enquiries in the first half of 2017, with enquiries for cyber insurance increasing by nearly 50% in the four weeks following the attack, according to CFC Underwriting.

According to an indictment released by the US Department of Justice, Hutchins has been accused of helping to create and distribute the baking Trojan Kronos between 2014 and 2015. Kronos is a malware that was spread through emails with malicious attachments that are used to hijack user credentials including passwords.

“Defendant Marcus Hutchins created the Kronos malware,” the indictment alleges. Hutchins and another, yet-to-be-named co-defendant, stands accused of six counts of hacking-related crimes.

The arrest came within hours of news that the bank account where victims of the WannaCry attack deployed more than £108,000 in ransom money had been emptied. There is nothing to suggest the withdrawal is connected to the arrest of Hutchins.