- ‘Breaking Bad’ movie will show us what happened to Jesse Pinkman Today 9:39 AM
- How to stream ROH Wrestling’s Honor For All Today 7:30 AM
- How to stream Steelers vs. Titans in NFL preseason action Today 7:00 AM
- How to stream ‘Good Eats: The Return’ online Today 7:00 AM
- How to stream ‘Power’ season 6 Today 6:00 AM
- Your best bets for finding discounted and refurbished Airpods Today 6:00 AM
- How to stream Barcelona vs. Real Betis Saturday 11:31 PM
- How to stream Tottenham Hotspur vs. Newcastle Saturday 11:21 PM
- All of the ‘Avengers: Endgame’ Easter eggs discovered by fans Saturday 6:52 PM
- Every big announcement made at D23 about Disney+ Saturday 6:33 PM
- The best haunted house movies to watch online in 2019 Saturday 4:13 PM
- Andy Ngo seen laughing as Patriot Prayer members plan an attack in newly emerged video Saturday 3:59 PM
- How to stream Manchester City vs. Bournemouth Saturday 3:25 PM
- Catholic priest allegedly spent church money on Grindr hookups Saturday 3:04 PM
- Nicolás Maduro’s English Twitter account was suspended with no public explanation Saturday 2:06 PM
Mark Hutchins, better known by the Twitter handle @MalwareTech, was detained by U.S. authorities Wednesday, according to a Motherboard report. Hutchins made headlines, and was called an “accidental hero” earlier this year, when he found the “kill switch” to WannaCry, a massive ransomware attack that spread throughout the world infecting hospitals and telecom companies, among other businesses.
Motherboard said it verified that Hutchins, 23, was being held at the Henderson Detention Center in Nevada on Thursday. A “close personal friend” of the researcher said he was later moved to another facility. The unnamed friend then tried to visit him, but he had already been transferred to another location.
“I’ve spoken to the U.S. Marshals again and they say they have no record of Marcus being in the system,” the friend told Motherboard. “At this point we’ve been trying to get in contact with Marcus for 18 hours and nobody knows where he’s been taken. We still don’t know why Marcus has been arrested and now we have no idea where in the U.S. he’s been taken to and we’re extremely concerned for his welfare.”
Hutchins was in Las Vegas for two large security conferences: Black Hat and DEF CON. An avid Twitter user, Hutchins has not posted in the last 24 hours. Andrew Mabbitt, a co-founder of Fidus, said he was working to get the security researcher a lawyer.
I'm working on getting a lawyer for @MalwareTechBlog as he has no legal representation and no visitors. I'll be crowdfunding legal fees soon— Andrew Mabbitt (@MabbsSec) August 3, 2017
Motherboard reached out to U.S. Marshals, but was told by a spokesperson that it was an FBI arrest, and he was not in their custody.
The FBI refused a request for comment from Motherboard. The United Kingdom’s National Crime Agency told the publication that it was aware a U.K. citizen was arrested, but said it was a “matter for the authorities in the U.S.” It is not known whether Hutchins faces any charges.
We will update this article as we learn more.
Update 2:43pm CT, Aug. 3: According to an indictment released by the U.S. Department of Justice, Hutchins and an unnamed co-defendant were arrested for helping create, maintain, and spread the banking trojan malware “Kronos” between 2014 and 2015. The malware spread through email attachments and was used to steal online banking credentials, ATM pin numbers, and other personal information.
Hutchins is accused of six counts of hacking-related charges, including the creation of Kronos. Hutchins tweeted about the malware in 2014:
Anyone got a kronos sample?— MalwareTech (@MalwareTechBlog) July 13, 2014
Update 4:59pm CT, Aug. 3: The indictment, filed on behalf of the Eastern District Court of Wisconsin, clarifies the charges against Hutchins, which were compiled during a two-year FBI investigation.
“Hutchins was charged with one count of conspiracy to commit computer fraud and abuse, three counts of distributing and advertising an electronic communication interception device, one count of endeavoring to intercept electronic communications, and one count of attempt to access a computer without authorization,” it reads.
The Kronos banking trojan was designed to harvest and transfer the username and password associated with banking accounts from one infected computer to the control panel of another. It has been configured to attack computers in Canada, Germany, Poland, France, and the United Kingdom, among others, according to the formal charge.
Here is a link to the full indictment.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.