A British-based cybersecurity researcher has been arrested by U.S. authorities on charges that he conspired to advertise and sell Kronos banking malware.
Reuters reported on the news, which came from a court filing unsealed Thursday.
Marcus Hutchins, 23, was detained in Las Vegas on suspicion of involvement with Kronos, a piece of malware used to steal banking logins from victims’ computers. Hutchins was in the United States this week after attending the annual Def Con hacking conference.
Many cybersecurity researchers expressed shock at the indictment to the BBC, mainly because Hutchins has been widely credited with helping to neutralize the global “WannaCry” ransomware attack that spread rapidly through computer systems around the world, in an unprecedented outbreak that began in May. A U.S. official said his case was unrelated to that attack.
“Marcus Hutchins … a citizen and resident of the United Kingdom, was arrested in the United States on 2 August, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan,” the Department of Justice (DoJ) said in a statement. “The charges against Hutchins, and for which he was arrested, relate to alleged conduct that occurred between in or around July 2014 and July 2015.”
The indictment alleges that Hutchins created and sold Kronos on internet forums, including the AlphaBay dark web market, which was recently shut down after an international law enforcement operation.
A second defendant is included in the indictment, but that person’s name has not been made public.
Hutchins’ job in the U.K. involves investigating malware, leading some in the industry to claim that U.S. justice system has made “a huge mistake.”
The British Consulate in Los Angeles said it’s aware of the situation and is in touch with the local authorities in Las Vegas.