The British computer expert, Marcus Hutchins who helped shut down a world-wide cyber attack that crippled the National Health Services (NHS) will appear in a US court on Friday charged with creating and distributing the malware known as Kronos that harvested banking details.
Officials said after the 23-year-old’s arrest by the FBI on Wednesday that he was indicted by a grand jury in the Eastern District of Wisconsin in relation to charges in the year leading up to July 2015. He could face a maximum sentence of 40 years in prison in the US if he is found guilty of the charges.
Hutchins, also known as MalwareTech, was hailed a hero in May this year when he found a ‘kill-switch’ that slowed the effects of the WannaCry ‘ransomware’ virus that hit more than 300,000 computers globally. Users would have to pay a ransom of $300 bitcoins to get back the data. Many people were locked out of their computers, and could not retrieve important data.
According to Wired, Hutchins was arrested Las Vegas, while he was flying home to the UK. Hutchins had just finished attending the Black Hate and Def Con hacker conference in Las Vegas. He lives in the UK and works with security firm Kryptos Logic.
The indictment says Hutchins created the Kronos malware before conspiring with another defendant, whose name has been redacted, to advertise and sell it on internet forums. In August 2014 the unnamed defendant sold the software for $2,000 (£1,522) in a digital currency in June 2015, the legal document adds.
Hutchins arrest is not linked to the WannaCry cyber attack but rather to an entirely different malware, which he is accused of creating in 2013 and updating in 2015. Kronos Malware is a banking trojan, which has been around since 2014, and used to steal data like usernames, passwords from banking websites. So Hutchins is not accused of actually hacking computers with the malware, but rather of creating something that he knew would be used in online crime.
The Electronic Frontier Foundation, a San Francisco-based digital rights group, said it is ‘deeply concerned’ and has reached out to Hutchins.
Naomi Colvin, from civil liberties campaign group Courage, echoed the foundation and praised Hutchins’ earlier work. She said: ‘In May this year, WannaCry malware closed hospitals in the UK, becoming the first ransomware attack to represent an actual threat to life. ‘In halting the spread of WannaCry before the US woke up, MalwareTech did the world an enormous service – and to American businesses in particular.’
Ms Colvin said he had been detained for 24 hours before information was released about his arrest and said he has still not been allowed to contact his family or lawyers. The Foreign Office said it is supporting Hutchins’ family and is in contact with authorities in Las Vegas while the National Cyber Security Centre also said it was ‘aware of the situation’.