A 22-year-old hacker who helped slow the spread of the WannaCry global computer virus in May has been arrested by U.S. officials and charged with participating in a scheme to spread a different type of malware — one that aimed to collect victims’ financial data, according to a federal indictment unsealed Wednesday.
The six-count indictment claims that Marcus Hutchins, a British man who goes by the Twitter handle @Malwaretech, violated U.S. computer-related fraud laws when he created and conspired to sell a “banking trojan” known as “Kronos” online. The indictment was unsealed when Hutchins was arrested and is unrelated to WannaCry, according to the Justice Department.
Sold for as much as $7,000 at one point, a premium price tag for this type of malware, the Kronos trojan claimed to be able to evade antivirus software in an effort to steal banking customers’ credentials and other personal information. The federal indictment Wednesday said that Hutchins and an unnamed associate began offering the Kronos malware publicly in August 2014.
Hutchins earned widespread acclaim this year for his high-profile role in thwarting the WannaCry ransomware, which seized control of thousands of PCs around the world and locked them down unless their owners agreed to pay a fee. While analyzing WannaCry’s code, Hutchins discovered a flaw: The malware contained a killswitch that could be activated simply by controlling a specific website. For about $10, Hutchins purchased the rights to the domain, and experts credited the move with preventing WannaCry from spreading as quickly as it could have.
The act generated a deluge of media attention for Hutchins, who sought to back away from the limelight. But now, it appears he may be at the center of a whole new public drama.
