Court documents unsealed Thursday showed Hutchins, who is known under the online alias "Malware Tech," was indicted on charges of creating malware to attack banks.
Hutchins gained international renown for detecting a "kill switch" which effectively shut down the WannaCry global ransomware attack in May. He was detained by the FBI in the US state of Nevada on charges unrelated to WannaCry.
An indictment filed on July 12 in a Wisconsin court accused him and another individual of making, advertising, distributing and profiting from a malware code known as the Kronos Trojan between July 2014 and 2015. Kronos malware is used to steal online banking and credit card data which could be used to steal money from bank accounts.
Read more: What is ransomware?
The arrest, originally reported on the security website Motherboard, occurred as Hutchins was preparing to fly back to the UK after attending the major Def Con and Black Hat hacker security conferences, which were held in Las Vegas last week.
His Twitter feed indicated he was at an airport Wednesday preparing to fly home. A court hearing was scheduled for him in Las Vegas for Thursday afternoon, Reuters reported.
US digital rights group the Electronic Frontier Foundation said it was "deeply concerned" about Hutchins' arrest and was attempting to reach him.
Several other members of the hacking community were also expressing their concern via Twitter. It was unclear whether Hutchins had a lawyer.
Hutchins became famous in the cyber security community for his apparent role in thwarting WannaCry, which infected hundreds of thousands of computers in 150 countries, causing disruptions at factories, hospitals, shops and schools.
se/gsw (AP, AFP, Reuters)