Marcus #Hutchins, the 23-year-old British security expert who was able to stop a malware called WannaCry from spreading, went from being a hero to a criminal. Hutchins was arrested in Las Vegas on Thursday for creating and selling a malicious program called #Kranos, which steals online banking information from victims.

The suspect was in Las Vegas after attending two hacking conferences – Black Hat and Def Con and was detained shortly after at the Henderson Detention Center in Nevada before being transferred to another location.

The British consulate refused to comment on Hutchins’ case.

Marcus Hutchins was a criminal all along and not a hero

According to the report from USA Today, Hutchins, who also uses the name MalwareTech, allegedly sold the banking malware from July 2014 to July 2015.

Advertisements
Advertisements

The crime was investigated by the FBI Cyber Crime Task Force in Milwaukee.

Hutchins and an unnamed accomplice allegedly promoted Kronos on internet forums and also offered additional services to make the banking malware undetectable by antivirus software.

Kronos was developed to infiltrate banking systems by getting data from its victim’s computer. The program digs up the victim’s user name and password then sends the information to the criminal’s computer. The criminal then uses the information to hack the victim’s bank accounts to steal funds.

A UK Foreign Office spokesperson said that they are in contact with authorities in Las Vegas and are providing help to Hutchins’ family.

The time Hutchins thwarted the ransomware attack

In May, Hutchins was able to stop a ransomware attack called #WannaCry, which has already infected computers in 74 countries and 20% of hospitals in the UK.

Advertisements

Hutchins discovered WannaCry’s kill switch that stopped the ransomware in its tracks before inflicting further damage to other areas. It turned out that the ransomware was created to ping an unregistered domain and when the malware doesn’t receive a message that the web address doesn’t exist, it shut itself off. Hutchins immediately registered that domain and eventually stopped the spreading.

Hutchins never wanted the media attention he got when it was discovered that he was the one who stopped the cyber attack. So much so that he began giving extensive credit to others who helped him with the solution. He was even forced to climb over his back garden wall just to avoid reporters who were staking out his home.