LISTEN LIVE KPR - On Air: Listen Live to classical, jazz and NPR news Schedule LATEST
KPR 2 - On Air: Listen live to KPR's all talk-radio service, KPR2 Recordings

Share this page              

Feds Arrest Man Credited With Helping To Stop Ransomware Attack

Marcus Hutchins, seen in May when he was credited with hobbling the WannaCry attack. Now, U.S. authorities have arrested him for allegedly creating and distributing banking malware.

Marcus Hutchins' Twitter account suddenly went quiet a day ago when the FBI took him into custody in Las Vegas on Wednesday. The 23-year-old British citizen — who was praised earlier this year when he was credited with helping to control a global ransomware attack — was in town attending the Black Hat and DefCon cybersecurity conferences.

According to a court document and a statement from the U.S. Department of Justice, he's accused of creating and distributing a malware program called Kronos. It's designed to steal banking log in information and other financial data from infected computers.

The Justice Department statement said "following a two-year long investigation, a federal grand jury returned a six-count indictment against Marcus Hutchins, also known as "Malwaretech," for his role in creating and distributing the Kronos banking Trojan." The indictments were handed down in the Eastern District of Wisconsin.

The British researcher is charged with one count of conspiracy to commit computer fraud and abuse, three counts of distributing and advertising an electronic communication interception device, one count of endeavoring to intercept electronic communications, and one count of attempting to access a computer without authorization.

The alleged crime happened between July 2014 and July 2015.

But Hutchins is known as a hacker whose career has been dedicated to stopping cyber attacks, not committing them.

He grew famous in May when he was credited with finding a "kill switch" on a malware program called WannaCry that threatened over 150 countries. The program would infect computers, lock them up and demand ransom to restore the information. The U.K.'s National Health Service was among the victims. Hutchins is a self-described "accidental hero" and fellow researchers expressed shock and disbelief at the accusations.

Andrew Mabbit, founder of cyber firm Fidus Information Security, said on Twitter that he was trying to find Hutchins a lawyer and would soon be crowdfunding cash for his legal representation.

"I refuse to believe the charges against @MalwareTechBlog," Mabbitt said, referring to Hutchins' Twitter handle. "He spent his career stopping malware, not writing it."

Mabbitt didn't respond to a request for comment.

Another researcher Kevin Beaumont tweeted that the Department of Justice had made a "huge mistake."

Beaumont tweeted that Hutchins' business is to infiltrate malware like Kronos, monitor them and sell that data to law enforcement.

Copyright 2017 NPR. To see more, visit

Tower Frequencies

91.5 FM KANU Lawrence, Topeka, Kansas City
96.1 FM K241AR Lawrence (KPR2)
89.7 FM KANH Emporia
99.5 FM K258BT Manhattan
97.9 FM K250AY Manhattan (KPR2)
91.3 FM  KANV Junction City, Olsburg
89.9 FM K210CR Atchison
90.3 FM KANQ Chanute

See the Coverage Map for more details

Contact Us

Kansas Public Radio
1120 West 11th Street
Lawrence, KS 66044
Download Map
785-864-4530 (Main Line)
888-577-5268 (Toll Free)