The UK-based security researcher Marcus Hutchins, who uses the handle @MalwareTechBlog and who became the self-professed accidental hero of the WannaCry outbreak back in May, has been arrested by the FBI for his involvement in the Kronos malware campaign that took place in 2014-2015.
Yesterday, the FBI detained Marcus Hutchins after the DEF CON hacking conference in Las Vegas as he attempted to fly back home to London, where he works as a researcher for the cyber security firm Kryptos Logic. Shortly after his arrest, the Department of Justice unsealed an indictment against him. The indictment charges him with involvement in creating the Kronos banking trojan, a piece of malware used to steal banking credentials in 2014 and 2015 that was designed to spread via email, gathering victims’ financial details as it did. The charges also say he was supposedly involved in a conspiracy to sell it for $3,000 on dark web markets like AlphaBay.
The news of the arrest has shocked much of the cyber security community. Marcus is well known, especially after his recent rise to fame for stopping the WannaCry outbreak, and he is a well-respected person within the community, so this comes as quite damning news. It is not yet known exactly what evidence the FBI have on Marcus, but it could have come from last month’s FBI and Europol seizure of the servers of AlphaBay, which happens to be the site mentioned in the indictment.
Friends of Marcus have reported that he is currently located in the FBI’s Las Vegas field office, but the FBI is not releasing any comments at this time. As yet the evidence is unclear. Judging by the indictment, it seems the FBI believe Marcus built Kronos and that an as yet unnamed co-conspirator released a video demo and sought to sell it. Looking back, we know that Marcus was researching Kronos around that time, as he sought to get hold of a sample just as he did with WannaCry.
Anyone got a kronos sample?
— MalwareTech (@MalwareTechBlog) July 13, 2014
Let’s face it, the FBI has a history of incorrectly punishing security professionals who are doing good, so personally I am holding out on any judgment, and ultimately I want to know what evidence the FBI claim to have.