Cyber experts can either be malicious or ethical. However, there is also a gray area between the two where people like Marcus Hutchkins might end up in. The 23-year-old cyber expert, who ‘accidentally’ discovered the kill switch for global ransomware WannaCry, has been reportedly arrested by the FBI for allegedly conspiring to advertise and sell a malicious software that targeted bank accounts.
Hutchkins faces six counts of helping to create, spread, maintain the banking Trojan Kronos between 2014 and 2015. According to the US Department of Justice, Hutchkins created the malware while his partner sold it for $2,000 online. The malware was then launched through emails with dubious attachments, and allowed hackers to steal money by using compromised credentials such as internet banking passwords.
Although Hutchkins has been arrested in relation to the Trojan Kronos, The Telegraph reports that the allegations are not related to the WannaCry attack for which he was credited with halting. ALSO READ: Petya ransomware follows WannaCry’s footsteps; here’s what the experts have to say
Hutchkins had figured out a way to stop the spread of WannaCry malware under the pseudonym MalwareTech. He had also been rewarded with $10,000 for the effort, which he donated to charity. Believed to be an ethical hacker, Hutchkins was in Las Vegas to attend the world’s largest annual conventions for security experts, BlackHat and DefCon, before being detained at the McCarran airport in light of the allegations.
The cyber expert was traveling with another friend, who confirmed that the FBI detained him after he had checked into his flight. The friend, who also works in the cyber security industry, said, “He was detained at McCarran airport yesterday. He checked into his flight and I think he was sitting in the Virgin upper class lounge.” He added, “He was escorted out of the airport and never made his flight.” ALSO READ: LeakerLocker ransomware: Hackers threaten to expose your browser history, messages and more
Hutchkins’ arrest comes as over £100,000 of bitcoin currency, which was paid by WannaCry victims, was withdrawn from the hackers’ online wallets. WannaCry ransomware took down systems worldwide, including India, and encrypted user data till a ransom was paid in Bitcoins. The malware made it to computers owing to an existing vulnerability in Windows, which was exploited using a tool named EternalBlue. And the affected computers had not been updated with protection against the exploit. The tool is believed to be first developed by the US’ National Security Agency.