- Boys’ sleepovers vs. girls’ sleepovers meme takes stereotypes to absurd heights Tuesday 7:30 PM
- Petition wants Keanu Reeves to be named ‘Time Person of the Year’ Tuesday 6:33 PM
- 8 women accuse Max Landis of sexual, emotional abuse Tuesday 5:37 PM
- Taylor Swift accused of copying Beyoncé—again Tuesday 5:00 PM
- Everything you need to know about Libra, Facebook’s new cryptocurrency Tuesday 4:45 PM
- Netflix just renewed ‘Queer Eye’ for 2 more seasons Tuesday 4:32 PM
- YouTube’s queen of failed robots just unveiled a one-of-a-kind Tesla truck Tuesday 3:58 PM
- AOC infuriates conservatives with ‘concentration camps’ remark Tuesday 3:33 PM
- TikTok users explore identity with Lin Manuel Miranda-inspired meme Tuesday 3:24 PM
- TikTok apology video inspires new duet meme Tuesday 2:51 PM
- Man sues brewery after identifying as female to get beer discount Tuesday 2:31 PM
- Here’s what’s coming and going on Hulu in July 2019 Tuesday 2:22 PM
- This biotech company’s logo is almost straight out of Resident Evil Tuesday 1:26 PM
- Trump says mass deportations to start next week Tuesday 12:28 PM
- GOP pollster bothered by broken elevator in Austria blames socialism Tuesday 10:50 AM
U.S. authorities arrest ‘hero’ who stopped global ransomware attack
Photo via supimol kumying/Shutterstock (Licensed)
He disappeared when he went into custody.
Mark Hutchins, better known by the Twitter handle @MalwareTech, was detained by U.S. authorities Wednesday, according to a Motherboard report. Hutchins made headlines, and was called an “accidental hero” earlier this year, when he found the “kill switch” to WannaCry, a massive ransomware attack that spread throughout the world infecting hospitals and telecom companies, among other businesses.
Motherboard said it verified that Hutchins, 23, was being held at the Henderson Detention Center in Nevada on Thursday. A “close personal friend” of the researcher said he was later moved to another facility. The unnamed friend then tried to visit him, but he had already been transferred to another location.
“I’ve spoken to the U.S. Marshals again and they say they have no record of Marcus being in the system,” the friend told Motherboard. “At this point we’ve been trying to get in contact with Marcus for 18 hours and nobody knows where he’s been taken. We still don’t know why Marcus has been arrested and now we have no idea where in the U.S. he’s been taken to and we’re extremely concerned for his welfare.”
Hutchins was in Las Vegas for two large security conferences: Black Hat and DEF CON. An avid Twitter user, Hutchins has not posted in the last 24 hours. Andrew Mabbitt, a co-founder of Fidus, said he was working to get the security researcher a lawyer.
I'm working on getting a lawyer for @MalwareTechBlog as he has no legal representation and no visitors. I'll be crowdfunding legal fees soon
— Andrew Mabbitt (@MabbsSec) August 3, 2017
Motherboard reached out to U.S. Marshals, but was told by a spokesperson that it was an FBI arrest, and he was not in their custody.
The FBI refused a request for comment from Motherboard. The United Kingdom’s National Crime Agency told the publication that it was aware a U.K. citizen was arrested, but said it was a “matter for the authorities in the U.S.” It is not known whether Hutchins faces any charges.
We will update this article as we learn more.
Update 2:43pm CT, Aug. 3: According to an indictment released by the U.S. Department of Justice, Hutchins and an unnamed co-defendant were arrested for helping create, maintain, and spread the banking trojan malware “Kronos” between 2014 and 2015. The malware spread through email attachments and was used to steal online banking credentials, ATM pin numbers, and other personal information.
Hutchins is accused of six counts of hacking-related charges, including the creation of Kronos. Hutchins tweeted about the malware in 2014:
Anyone got a kronos sample?
— MalwareTech (@MalwareTechBlog) July 13, 2014
Update 4:59pm CT, Aug. 3: The indictment, filed on behalf of the Eastern District Court of Wisconsin, clarifies the charges against Hutchins, which were compiled during a two-year FBI investigation.
“Hutchins was charged with one count of conspiracy to commit computer fraud and abuse, three counts of distributing and advertising an electronic communication interception device, one count of endeavoring to intercept electronic communications, and one count of attempt to access a computer without authorization,” it reads.
The Kronos banking trojan was designed to harvest and transfer the username and password associated with banking accounts from one infected computer to the control panel of another. It has been configured to attack computers in Canada, Germany, Poland, France, and the United Kingdom, among others, according to the formal charge.
Here is a link to the full indictment.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.