View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 4, 2017updated 07 Jul 2022 10:22am

FBI arrest WannaCry hero for alleged creation of Kronos malware

Marcus Hutchins was in the United States when he was arrested, having been attending Black Hat and Defcon.

By Tom Ball

Marcus Hutchins, the 23 year old who defeated WannaCry, is set to appear in US court charged with alleged Kronos malware involvement.

He was arrested by the FBI on Wednesday in Las Vegas where he had been attending major cybersecurity events Black Hat and Defcon.

Kronos is a trojan, which is as the name suggests, an attack hidden by a disguise of legitimacy, that specifically targets bank accounts. The involvement Hutchins is alleged to have had in the malware’s creation and distribution was between 2014 and 2015.

This type of malware is spread via emails that contain the malicious payload, and the attack would be triggered by accessing an attached document for example. As a result of this, the malware specifically targeted bank credentials.

A United States Department of Justice statement reported by the BBC said: “Marcus Hutchins… a citizen and resident of the United Kingdom, was arrested in the United States on 2 August, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan.”

Coinciding with the arrest of Marcus Hutchins, a dark-web site believed to have been used for the distribution of the Kronos malware called Alphabay was shut down.

READ MORE: US Government bill seeks to sort out IoT security problems

Hutchins gained fame for coming to the defence of the NHS when it was suffering at the hands of the WannaCry ransomware attack that had a global reach and devastating effect. He had wanted to remain anonymous, but his identity was revealed and he was heralded a hero.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

The Twitter account believed to be used by Marcus Hutchins, @MalwareTech, tweeted asking for a sample of the Kronos malware on the 13th of July 2014, shortly after the discovery was made. Family and peers of Hutchins have reportedly expressed disbelief at the prospect of the accused party being guilty.

Topics in this article : , , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.