Marcus Hutchins, the cybersecurity expert credited with finding the so-called kill switch that stopped the WannaCry ransomware in May, has been arrested by the FBI.
Hutchins, also known as "Malwaretech," allegedly has a dark past, which has now come back to haunt him just a few months after being dubbed a hero.
Hutchins Arrested For Launching Banking Malware
Hutchins, 22 years old and working for cybersecurity firm Kryptos Logic, was arrested in Las Vegas, where he attended Defcon, one of the biggest conferences in the computer security industry. The WannaCry hero was nabbed by the authorities as he was on his way to fly home to the United Kingdom.
Federal prosecutors are accusing Hutchins of having launched the banking malware named Kronos. The cybersecurity expert allegedly created, maintained, and sold Kronos from July 2014 to July 2015 and is now facing six counts related to malware distribution.
Kronos, which was primarily spread through document attachments in malicious emails, is capable of monitoring the online browsing activities of victims and luring them to fake websites that are made to appear like those of legitimate banking services. The malware then collects sensitive information from its targets, including their usernames and passwords.
The malware, according to sellers, can evade antivirus software and can spy on targets using the latest versions of Firefox, Chrome, and Internet Explorer.
The Two Faces Of The WannaCry Hero
The arrest of Hutchins showcases one of the most controversial traits of cybersecurity experts: while they are capable of preventing cybersecurity attacks, they are also the same people who are capable of launching them in the first place.
Hackers who have dabbled in malware creation and distribution can become important assets to cybersecurity companies and law enforcement agencies in stopping new security threats. In the case of Hutchins, though, there are claims that he was actually working to fight against Kronos, with some even saying that he was framed.
Whether the allegations are true or not, the importance of Hutchins's work in ending the spread of the WannaCry Ransomware could not be disputed.
The WannaCry ransomware wreaked havoc across 150 countries in May, hitting tens of thousands of systems and locking up their files. Victims can only regain access to their computers by paying ransoms in bitcoins to the attackers. The cybersecurity threat has since been linked to North Korea and China.
Hutchins identified and purchased the domain name of the ransomware. This allowed him to neutralize WannaCry, earning him fame as the WannaCry hero.