Aug 3, 2017

Researcher who stopped WannaCry hack detained in U.S.

Marcus Hutchins, the British researcher who stopped the May WannaCry hack, has been arrested by the FBI in Las Vegas for allegedly playing a role in creating the "Kronos" malware that targeted bank accounts, per The Guardian. The WannaCry attack crippled healthcare operations in the UK and hit dozens of countries.

About Kronos: It spread between 2014 and 2015 through emails with malicious attachments, such as compromised Word documents, with the aim of getting banking credentials. New infections occurred through 2016.

Hutchins' charges: The Department of Justice released the allegations about Hutchins' role in the Kronos hack, claiming he helped create, spread, and maintain the hack. Hutchins faces six counts of hacking-related charges. There is another, unnamed co-defendant, who allegedly tried selling the malware on AlphaBay, a darknet marketplace, which was shut down July 20 when the FBI and European authorities seized its servers.

Note: Ryan Kalember of Proofpoint said "This could very easily be the FBI mistaking legitimate research activity with being in control of Kronos infrastructure. Lots of researchers like to log in to crimeware tools and interfaces and play around."

Go deeper