Cybersecurity Researcher Who Stopped Ransomware Attack Indicted in the U.S.

By
Marcus Hutchins. Photo: Chris Ratcliffe/Bloomberg via Getty Images

A cybersecurity researcher known online as MalwareTech has been indicted in the U.S. for allegedly creating and spreading malicious software. Ironically, MalwareTech was also responsible for significantly slowing down the recent globewide WannaCry ransomware attack, by sinkholing a domain that the software relied on to operate. According to Motherboard, the researcher was detained following the DEF CON hacker conference in Las Vegas this past week.

The indictment, also obtained by Motherboard, says that MalwareTech (real name: Malcolm Hutchins) was arrested for allegedly creating and distributing the Kronos malware. Hutchins and another unidentified defendant are accused of advertising and selling the malware on various hacker forums, including the recently shuttered AlphaBay. Hutchins is explicitly identified as the creator of the malware, which was being sold for thousands of dollars.

A friend of Hutchins told Motherboard that he was detained in Nevada, and a U.S. Marshals spokesperson said that the FBI carried out the arrest. The indictment was served in Wisconsin’s eastern district. Hutchins’s Twitter profile lists his home as the United Kingdom.

Others in the cybersecurity world are expressing skepticism regarding the prosecutors’ claims, citing evidence such as a 2014 tweet in which Hutchins asked for a sample of the Kronos malware, which he purportedly made himself.

Cybersecurity Researcher Indicted in the U.S.