The cyber expert, Marcus Hutchins, who managed to stop the WannaCry ransomware attack on the British National Health Service (NHS) arrested in America, being involved in crimes relating to Kronos malware. The US department of justice confirmed that Hutchins arrested in the United States on 2nd August 2017, in Las Vegas.
Hutchins shot to fame when he helped stop the WannaCry ransomware attack in May which hit over 200,000 victims in around 150 countries.
Kronos was a malware that harvested people’s bank login details to steal money from their accounts. The malware offered for purchase on cybercriminal forums in 2014 for the not-insignificant sum of $7,000.
The indictment alleges that the unidentified co-defendant advertised the Kronos malware on AlphaBay, a dark web marketplace that international authorities took offline last month. The site allowed anonymous users to facilitate global trade in drugs, firearms, hacking tools and other illicit goods.
The Justice Department said Kronos steal banking system credentials in Canada, Germany, Poland, France, the United Kingdom and other countries.
Within the cyber security community, Hutchins heralded as a folk hero for his apparent role in stopping the WannaCry attack. A Justice Department official said his arrest was unrelated to WannaCry.
Some security researchers and computer crime experts said they were skeptical of the charges against Hutchins.
The government needs to show intent to further a crime, said, Orin Kerr, a professor at George Washington University Law School. Merely creating and selling malware, on its own, isn’t enough.
Salim Neino from a California-based Kryptos Logic, the security firm where Hutchins employed, did not respond to requests for comment.