Marcus Hutchins, a young British researcher credited with derailing a global cyber attack in May, was arrested for allegedly creating and distributing malicious software designed to collect bank account passwords, US authorities said today.
British IT expert Marcus Hutchins speaks during an interview in Ilfracombe, England in May 2017.
Source: Associated Press
News of Hutchins' detention came as a shock to the cybersecurity community.
Many had rallied behind the researcher whose quick thinking helped control the spread of the WannaCry ransomware attack that crippled thousands of computers.
Hutchins was detained in Las Vegas on his way back to Britain from an annual gathering of hackers and information security gurus.
A grand jury indictment charged Hutchins with creating and distributing malware known as the Kronos banking Trojan.
Such malware infects web browsers, then captures usernames and passwords when an unsuspecting user visits a bank or other trusted location, enabling cyber theft.
The indictment, filed in a Wisconsin federal court last month, alleges that Hutchins and another defendant whose name was redacted conspired between July 2014 and July 2015 to advertise the availability of the Kronos malware on internet forums, sell the malware and profit from it.
The indictment also accuses Hutchins of creating the malware.
Authorities said the malware was first made available in early 2014, and "marketed and distributed through AlphaBay, a hidden service on the Tor network".
The US Department of Justice announced in July that the AlphaBay "darknet" marketplace was shut down after an international law enforcement effort.
Hutchins' arraignment was postponed today in US District Court in Las Vegas by a magistrate judge who gave him a day to determine if he wants to hire his own lawyer.