Marcus Hutchins aka MalwareTech, the person who found the ‘kill switch’ for WannaCry malware, has been arrested in Las Vegas by the FBI following DEFCON. Hutchins is suspected of creating the Kronos banking malware, as reported by MotherBoard.
Marcus Hutchins who works for Kryptos Logic was stopped by the FBI before he could board his flight back to London from Las Vegas and was reportedly being held at FBI’s Las Vegas field office but his accurate whereabouts haven’t been confirmed yet.
Marcus Hutchins is best known for buying a domain on the internet which acted as a kill switch to stop the WannaCry ransomware attack which infected north of 300,000 PC worldwide — hitting 75,000 in UK’s National Health Service.
“We are aware a UK national has been arrested but it’s a matter for the authorities in the US,” a spokesperson for the UK’s National Crime Agency told Motherboard.
Kronos Malware, first detected in 2014, was a banking malware infected the Point of Sale (POS) and then copied all the banking details during a transaction.
Although Hutchins is mainly being put in custody due to his assistance in writing the code of the Kronos malware while his unnamed co-defendant is being charged for marketing and selling the malware on the black market.
The 23-year-old security researcher who has his own security blog called MalwareTech, stopped the WannaCry ransomware attack which had affected several countries.
The ransomware affected PCs in a number of countries including Russia, Ukraine, India, Spain, UK, USA, Brazil, China and several others in North and Latin America.
The vulnerability which inspired the attacks was fixed by Microsoft in an update rolled out on March 14, 2017, but those running old OS like XP as well as those who had yet not updated their systems were among the ones hit by the attack.