A hero has turned into a villain. US authorities have charged and arrested UK-based malware researcher Marcus Hutchins, who played a role in stopping the spread of WannaCry ransomware earlier this year, and hit the headlines when he stopped the spread of the malware by accident. Hutchins was arrested for allegedly creating and helping another accused to create Kronos malware in February 2015. Hutchins, who is known online as Malware Tech and was credited with detecting a ‘kill switch’ that stopped WannaCry in its tracks, was arrested while attending the Black Hat and Def Con conferences in Las Vegas this week.
The indictment filed on July 11 in Wisconsin District Court, says that “Defendant Marcus Hutchins created the Kronos malware,” alongside another person, whose name has been redacted from the filing. Between July 2014 and July 2015, the two “intentionally cause[d] damage without authorization to 10 or more protected computers.”
The Kronos malware first came to light in July 2014 when his alleged co-conspirator uploaded a video on a Russian underground forum ‘AlphaBay’, showing how the malware worked. Kronos is a banking Trojan and could be used to steal banking logins and other financial data.
After initial publicity, the Trojan faded but came back into the limelight in October 2105 when it was revealed that the Kronos was part of the malware that attacked the Indian and UK banks.
Support has been pouring on for Hutchins ever since the news of his indictment has been made public and fellow researchers have expressed disbelief over the arrest and say that he has spent his life in fighting the malware not creating it and some have also said that there has been some mistake.
Digital rights group the Electronic Frontier Foundation is reaching out to Hutchins and has tweeted about its concerns regarding his arrest and have said that they are looking into the matter.
The WannaCry ransomware attack occurred in May this year when computers in over 150 countries were infected causing disruptions.