icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
4 Aug, 2017 01:21

Expert who disabled ‘WannaCry’ cyber attack indicted over bank malware ‘Kronos’

Expert who disabled ‘WannaCry’ cyber attack indicted over bank malware ‘Kronos’

A British-based malware researcher has been indicted in connection to the “Kronos” malware which targets banks. The hacker was arrested during a conference in Las Vegas. His friends and associates are concerned as they do not know where he was taken to.

On Thursday an indictment filed in the US District Court in Wisconsin accused Marcus Hutchins, 23, of advertising, distributing and profiting from a malware code called “Kronos.” The indictment states that Hutchins allegedly took part in the illegal activity from July 2014 to July 2015.

Hutchins, also known as “MalwareTech” online, gained prominence in May for finding a "kill switch" which disabled the WannaCry bug. He was detained by the FBI in Las Vegas Wednesday.

Hutchins faces six counts, including conspiracy to commit offense or to defraud US; fraud and related activity in connection with computers; interception and disclosure of wire,oral, or electronic communications prohibited; manufacture, distribution, possession and advertising of wire, oral, or communication intercepting devices prohibited.

He was indicted with an unnamed co-defendant on July 12. However, the case remained under seal until Thursday, according to a US Justice Department spokesman and reported by Reuters.

Hutchins was detained just days after he and thousands of others made their way to Las Vegas for the annual hacker Black Hat and Def Con conventions. He was being held at the Henderson Detention Center in Nevada early Thursday. A few hours later, he was moved to another facility, an unnamed friend of Hutchins told Motherboard.

“We still don't know why Marcus has been arrested and now we have no idea where in the US he's been taken to and we're extremely concerned for his welfare,” the friend said.

The Kronos malware is downloaded from email attachments, causing victims’ systems to be vulnerable to theft relating to their banking and credit card credentials. Kronos was used to steal banking information in Canada, Germany, Poland, France, the United Kingdom and other countries.

Allegations in the indictment state that an unidentified co-defendant in the case advertised the Kronos malware on AlphaBay, a dark web marketplace which authorities took offline last month. Investigators stated that the site allowed anonymous users to participate in the global trade of drugs, firearms, hacking tools and other illegal goods.

READ MORE: ‘You want me arrested?’: Julian Assange tweets at France’s Macron over leaked emails

The founder of the cyber firm, Fidus Information Security, Andrew Mabbit, who went to the conference in Las Vegas with Hutchins, said on Twitter that he was working on acquiring a lawyer for Hutchins because he does not currently have one.

“I refuse to believe the charges against @MalwareTechBlog,” Mabbit tweeted. “He spent his career stopping malware, not writing it.”

In the cyber community, Hutchins was hailed as a hero after he apparently stopped the WannaCry attack that caused disruptions to car factories, hospitals, shops and schools in more than 150 countries and infected hundreds of thousands of computers.

Podcasts
0:00
13:3
0:00
13:32