Marcus Hutchins, or MalwareTech, rose to fame by shutting down the WannaCry ransomware network that threatened to cripple the world. Unfortunately, he is back in the news after being picked up by the FBI for allegedly having a role in the Kronos malware campaign.
Hutchins was arrested shortly before he was supposed to board his London-bound flight after attending Black Hat and Defcon security conferences. The FBI made no notice of his capture, and his disappearance was only noted by acquaintances who said that he had gone usually quiet just before the flight.
According to court indictment documents, Hutchins is accused of developing Kronos. Malware that was used to target financial institutions and steal money. The hacker isn’t actually charged with launching the campaign, but is rather said to face charges of having intentionally built malware for criminal reasons. The FBI also believes that he conspired with others to sell the malware on the now defunct Alpha Bay marketplace on the dark web.
Cybersecurity experts are already beginning to call the arrest a “stretch”. Many knew that Hutchins was involved in research concerning the methods used in Kronos at the time that it was released. However, it is impossible to say that he had the intent for the work to be used in a criminal enterprise. Many security researchers often build proof-of-concept malware to test their theories and find ways to defend against them.
Neither the FBI nor the US Department of Justice has commented on the case.