Marcus Hutchins is a 23-year-old security researcher who is best known for discovering a kill switch that caused the rapidly spreading WannaCry ransomware to be stopped in its tracks this past May.
He also helped trace the source of the Mirai botnet during its outbreak.
For his discovery of the WannaCry kill switch, Hutchins was awarded $10,000 for his discovery, which he made from his bedroom under the pseudonym MalwareTech. He later donated the money to charity.
Hutchins is also, it turns out in a thickening plot twist, responsible for the creation and distribution of a banking Trojan named Kronos.
Hutchins, a resident of the UK, was in Las Vegas for the Black Hat and DEF CON hacking conventions, where he was arrested by the FBI.
His indictment shows six counts of conspiracy charges revolving around the distribution of the banking malware between 2014 and 2015.
Why would someone intentionally attempting to steal banking credentials anonymously cause one of the biggest and most widespread ransomware attacks ever to come to a screeching halt? And then donate his reward money?
Guilty conscious? Or has he turned a new hacking leaf?
Through his white hat attempts to help thwart both the WannaCry and Mirai malware attacks, Hutchins has wanted to remain anonymous for fear of retaliation.
Andrew Mabbitt, a close friend and CEO at Fidus Information Security in the UK tweeted this afternoon:
The Department of Justice reminds us in a press release that everyone is innocent until proven guilty (obviously), but it is rather strange that someone so heartily applauded for prevailing cyber justice is now being dissected under the microscope.
"Cyber crime remains a top priority for the FBI," says Special Agent in Charge (SAC) Justin Tolomeo, in the press release. "Cyber criminals cost our economy billions in losses each year. The FBI will continue to work with our partners, both domestic and international, to bring offenders to justice."
This news comes the same day as the news that funds were withdrawn from the Bitcoin wallet housing the ransom payments made to the WannaCry attackers.
