Just three months after 23-year-old Marcus Hutchins and his colleagues stopped the dreaded ransomware WannaCry he has been arrested on his way home from Defcon, the world’s largest hacker conference. At the conference participants work with different kinds of hacks, malware and spyware. Security people and researchers from all over the world participate. Including Danish researcher Carsten Schürmann who demonstrated how to quickly and easily he could hack into American voting machines. Where Schürmann was celebrated for his work at Defcon things didn’t turn out as well for Hutchins. You can read more about this hack here on our blog.
From WannaCry hero to prison
When Hutchins became aware of WannaCry and analyzed the threat he found out that it was associated with a non-existent domain. Therefore Hutchins registered a domain and the malware stopped spreading immediately. The fast work and effort quickly made him a hero in security circles. On the way back from Defcon however, Hutchins was arrested and charged with writing the malware; Kronos, a Trojan horse which had earlier been used to steal bank information in connection with fraud. Hutchins works as a researcher for the security company Kryptos Logic in England where he lives. Hutchins was arrested by the FBI and charged with creating the Malware Kronos, in 2014-2015 and for being a part of a conspiracy to sell it for $3,000.
Malware is not illegal in itself
First, Hutchins declared himself innocent of all charges. Since then he said during a police hearing that he had written a code that could gain access to confidential banking information. Despite Hutchins having allegedly written some or all of the code, he claims not to have used it for anything criminal. It is not illegal to write malware but it is illegal to use malware for something illegal. Hutchins has been offered a bail of $ 30,000 if he promises not to leave the United States and not to go online. According to the indictment another member of the “malware conspiracy” has done most of the footwork related to distributing Kronos, including sales via criminal internet forums. Hutchins is also being accused of having updated the malware six months after it began to be sold and this may turn out to be essential for the case.
Security groups denounce arrest
In international security circles many people are dissatisfied with the arrest of Hutchins. There is an eight-page prosecution which does not at any point claim that Hutchins used Kronos for anything criminal. Several sources tell that Hutchins has previously worked together with the American justice system, on among other things, how to stop bot malware. The researcher Jake Williams has said that he has worked with Hutchins many times since 2013 and that they exchanged examples of malware last year at Defcon. Hutchins is described as an idealist who gave a $10,000 prize to charity and refused to accept money when Williams offered him it in connection with an education project. Williams emphasizes that he would never cooperate with a black hat hacker and that he knows one when he sees one. It is thus clear that Hutchins in his own ranks is considered to have a clear conscience and would never write malware and use it to harm others.
Right here and now neither the FBI nor the Department of Justice has commented on the case.
Protect your computer against malware
Not everyone develops malware just for fun or exchanges coding ideas at Defcon. Most types of malware are being developed for malicious reasons, for the purpose of destroying, stealing or otherwise making data vulnerable. Therefore, you should always be conscious of this risk when online. The risk of infection can be reduced by having effective virus protection software on your computer.