WannaCry ‘hero’ arrested on malware charges

News
By
published

'MalwareTech' has been charged with creating malware

The cyber expert who managed to successfully stop the WannaCry ransomware attack on the British National Health Service (NHS) has been arrested in America on charges of being involved in crimes relating to Kronos malware.

Marcus Hutchins, who's from the UK and is known as 'Malware Tech' in the cyber security community, was in America for cyber defence conference Def Con.

The US department of justice has confirmed that Hutchins, aged 23, “was arrested in the United States on 2 August, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan”.

Kronos was a malware that harvested people’s bank login details in order to steal money from their accounts. The malware was offered for purchase on cybercriminal forums in 2014 for the not-insignificant sum of $7,000 (£4,100 by the time’s conversion rates). 

The true meaning of Trojan

Given Hutchins’ involvement in the cyber security community, this arrest has come as a surprise – particularly to his mother, who told the Press Association that she had been “frantically calling America” to try and contact her son. 

As reported by The Guardian, Hutchins was revealed to be working out of his family home when he managed to stop the WannaCry malware attack on the NHS earlier this year.

At the time, there was something of an outcry in the cyber community that someone who was hailed as a hero was 'doxxed' (a term used to refer to the disclosure of personal information about a user) by the mainstream media who were commending him.

Hutchins managed to stop the attack by registering the domain that the malware was trying to contact. On his blog, where he details his actions during the attack, he posits that the URL was being used for the malware to establish whether it was being ‘sandboxed’ (a technique whereby elements of a computer system are kept siloed from other sections for safety).

According to Digital Trends: “A court hearing is expected to take place on Friday aimed at organizing his legal representation.”

See more Computing News
Andrew London
Andrew London

Andrew London is a writer at Velocity Partners. Prior to Velocity Partners, he was a staff writer at Future plc.

Latest in Antivirus
Kaspersky Antivirus is banned in the US – here are 3 superb alternatives
A person holding an iPhone close to the camera with the Google search homepage displayed onscreen
That Google Ad you click could be dangerous—here’s why
A stressed out hacker looking at a laptop screen
Your antivirus software will get a major boost from this new hacking competition
Promotional material for McAfee online protection.
Protect your online life with the power of McAfee
"Best Free Antivirus Software" next to a laptop being opened
Best free antivirus in 2025
Antivirus
Which antivirus software works with Malwarebytes?
Latest in News
Twitter social media application change logo to X. Elon Musk CEO of twitter rebranded Twitter to 'X'. Social media application technology concept.
X is down again – here's everything we know about Twitter's third outage of the day
Nvidia geforce rtx 3050
RTX 5050 rumors detail full spec of desktop graphics card, suggesting Nvidia may use slower video RAM – but I wouldn’t panic yet
OnePlus 13
OnePlus is ditching the Alert Slider for an iPhone-style customizable button - and I’ll be sad to see it go
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up
Hospital
Major Oracle outage hits US Federal health record systems
Twitter social media application change logo to X. Elon Musk CEO of twitter rebranded Twitter to 'X'. Social media application technology concept.

X is down again – here's everything we know about Twitter's third outage of the day
Seth Rogen as Matt Remick looking worried in The Studio.

The Studio already has 100% on Rotten Tomatoes – here are 3 more highly-rated comedies to watch before it's released on Apple TV+
A hacker wearing a hoodie sitting at a computer, his face hidden.

Experts warn this critical PHP vulnerability could be set to become a global problem
See more latest
Most Popular
Twitter social media application change logo to X. Elon Musk CEO of twitter rebranded Twitter to 'X'. Social media application technology concept.
X is down again – here's everything we know about Twitter's third outage of the day
A hacker wearing a hoodie sitting at a computer, his face hidden.
Experts warn this critical PHP vulnerability could be set to become a global problem
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 11 (game #373)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 11 (game #639)
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 11 (game #1142)
botnet
Another top security camera maker is seeing devices hijacked into botnet
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
OnePlus 13
OnePlus is ditching the Alert Slider for an iPhone-style customizable button - and I’ll be sad to see it go
Nvidia geforce rtx 3050
RTX 5050 rumors detail full spec of desktop graphics card, suggesting Nvidia may use slower video RAM – but I wouldn’t panic yet
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide