1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Hutchins arrest raises concern

Ross Dunbar
August 4, 2017

Marcus Hutchins is credited for single-handedly stopping the WannaCry cyber attack in May, which affected computers in over 150 countries. He was detained by law enforcers before returning to London.

Symbolbild Cyberattacke
Image: picture alliance/MAXPPP/R. Brunel

The 23-year-old security researcher Marcus Hutchins, who uses the online handle "MalwareTech", was detained Thursday as he boarded a flight from Los Angeles back to the United Kingdom.

An indictment was issued against Hutchins and an unnamed co-defendant on July 12 in US District Court in the Eastern District of Wisconsin. Hutchins is accused of creating the Kronos malware, then advertising, distributing and profiting from it in activities between July 2014 and July 2015, according to the court.

Read more: A cyberexpert explains how Petya differs from WannaCry

First reported by tech site Motherboard, Hutchins was held at the Henderson Detention Center in Nevada. Andrew Mabbit, another security expert who was with Hutchins last week, tweeted that the Briton was at Las Vegas FBI field office. His case was adjourned until Friday to give Hutchins time to find a legal representative.

Hutchins, who works for LA-based firm Kryptos Logic, was in Las Vegas around the time of the DEF CON and Black Hat hacking conferences, but didn't plan to attend, according to The Outline. Hutchins and several acquaintances rented first-rate sports cars, held parties at their lavish apartment and went to a shooting range.

Read more: Cybercrime just the tip of the iceberg

"The Accidental Hero"

Many in the cybersecurity community have leaped to Hutchins' defense, suggesting the 23-year-old intentions were always to improve security standards. Mabbitt wrote on Twitter that he didn't believe the allegations put forward by the Justice Department on June 12. "He spent his career stopping malware, not writing it," he said.

The phrase "Accidential Hero" is prominent on the Twitter biography of "MalwareTech" after he brought an end to a paralyzing cyber attack which affected more than 300,000 computers in May. Hutchins discovered a "kill switch" to deactivate the WannaCry ransomware virus. But with his public profile growing, Hutchins claimed his personal space was invaded and even had to consider changing addresses. 

Meanwhile, the Electronic Frontier Foundation (EFF), a non-profit organization based in San Francisco, which aims to protect internet civil liberties, expressed concern at the news of Hutchins' arrest in Nevada.

The case against Hutchins:

Orin Kerr, a professor of law at George Washington University, told the Associated Press news agency that it remains a consistent problem in legal circles when malware is only created and sold - and not for greater crimes. "This is the first case I know of where the government is prosecuting someone for creating or selling malware but not actually using it," he noted.

Kerr also wrote a lengthy explanation in a Washington Post op-ed about the challenges for the Justice Department in presenting a robust legal case for creating and selling malware. "My sense is that the government's theory of the case is fairly aggressive. It will lead to some significant legal challenges," he wrote.

Read more: EU ageancies had tools to contain WannaCry ransomware

"Cybercrime remains a top priority for the FBI," said Justin Tolomeo, the Special Agent in Charge of the indictment. "Cybercriminals cost our economy billions in losses each year. The FBI will continue to work with our partners, both domestic and international, to bring offenders to justice."

Kronos,  which Hutchins is accused of creating and distributing, has been configured to steal passwords to access bank accounts in Canada, Germany, France and the United Kingdom, among others. The FBI have concluded a two-year investigation into the Kronos malware, which was first available in 2014, according to the official documents.