- Billie Eilish hit herself in the face with a mic—and reminded us why we love her 2 Years Ago
- Review: Wyze’s budget security cams easily compete with big-name brands 2 Years Ago
- Review: Jedi: Fallen Order knows why you love Star Wars Today 7:00 AM
- Actor Amanda Seales pushes back on #FreeRodneyReed movement Monday 10:58 PM
- Netflix thriller ‘Earthquake Bird’ can’t solve its own mystery Monday 4:45 PM
- Goop is selling an expensive ‘restraining arts’ BDSM kit Monday 4:17 PM
- Body positivity actress Lili Reinhart calls out Photoshopping app Monday 3:42 PM
- ‘Rick and Morty’ zeroes in on connections and leans into familiar territory Monday 3:30 PM
- People are sharing photos of how much they’ve changed in a decade Monday 2:30 PM
- A few of our favorite things on Newegg are on sale for Black Friday Monday 2:15 PM
- Disney adds ‘Bob’s Burgers’ movie back to release schedule after accidentally yanking it Monday 2:02 PM
- Ocasio-Cortez launches petition demanding Stephen Miller’s resignation Monday 1:24 PM
- Prince Andrew’s defense against child sex crimes stokes conspiracy theory flames Monday 1:20 PM
- More people may be looking to cancel Disney+ than Netflix Monday 1:09 PM
- Monday Night Football: How to stream Chiefs vs. Chargers live Monday 1:00 PM
Mark Hutchins, better known by the Twitter handle @MalwareTech, was detained by U.S. authorities Wednesday, according to a Motherboard report. Hutchins made headlines, and was called an “accidental hero” earlier this year, when he found the “kill switch” to WannaCry, a massive ransomware attack that spread throughout the world infecting hospitals and telecom companies, among other businesses.
Motherboard said it verified that Hutchins, 23, was being held at the Henderson Detention Center in Nevada on Thursday. A “close personal friend” of the researcher said he was later moved to another facility. The unnamed friend then tried to visit him, but he had already been transferred to another location.
“I’ve spoken to the U.S. Marshals again and they say they have no record of Marcus being in the system,” the friend told Motherboard. “At this point we’ve been trying to get in contact with Marcus for 18 hours and nobody knows where he’s been taken. We still don’t know why Marcus has been arrested and now we have no idea where in the U.S. he’s been taken to and we’re extremely concerned for his welfare.”
Hutchins was in Las Vegas for two large security conferences: Black Hat and DEF CON. An avid Twitter user, Hutchins has not posted in the last 24 hours. Andrew Mabbitt, a co-founder of Fidus, said he was working to get the security researcher a lawyer.
I'm working on getting a lawyer for @MalwareTechBlog as he has no legal representation and no visitors. I'll be crowdfunding legal fees soon— Andrew Mabbitt (@MabbsSec) August 3, 2017
Motherboard reached out to U.S. Marshals, but was told by a spokesperson that it was an FBI arrest, and he was not in their custody.
The FBI refused a request for comment from Motherboard. The United Kingdom’s National Crime Agency told the publication that it was aware a U.K. citizen was arrested, but said it was a “matter for the authorities in the U.S.” It is not known whether Hutchins faces any charges.
We will update this article as we learn more.
Update 2:43pm CT, Aug. 3: According to an indictment released by the U.S. Department of Justice, Hutchins and an unnamed co-defendant were arrested for helping create, maintain, and spread the banking trojan malware “Kronos” between 2014 and 2015. The malware spread through email attachments and was used to steal online banking credentials, ATM pin numbers, and other personal information.
Hutchins is accused of six counts of hacking-related charges, including the creation of Kronos. Hutchins tweeted about the malware in 2014:
Anyone got a kronos sample?— MalwareTech (@MalwareTechBlog) July 13, 2014
Update 4:59pm CT, Aug. 3: The indictment, filed on behalf of the Eastern District Court of Wisconsin, clarifies the charges against Hutchins, which were compiled during a two-year FBI investigation.
“Hutchins was charged with one count of conspiracy to commit computer fraud and abuse, three counts of distributing and advertising an electronic communication interception device, one count of endeavoring to intercept electronic communications, and one count of attempt to access a computer without authorization,” it reads.
The Kronos banking trojan was designed to harvest and transfer the username and password associated with banking accounts from one infected computer to the control panel of another. It has been configured to attack computers in Canada, Germany, Poland, France, and the United Kingdom, among others, according to the formal charge.
Here is a link to the full indictment.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.