British WannaCry ‘hero’ arrested, accused of creating Kronos malware

The British man responsible for halting the WannaCry malware that paralysed the NHS in May has been detained by US authorities in connection with a separate malicious program.

Marcus Hutchins, 23, managed to prevent the WannaCry ransomware spreading further by inserting a specific domain name within its code.

Hutchins, who works for cybersecurity firm Kryptos Logic, was picked up on Wednesday after attending the Defcon security convention in Las Vegas, according to a friend (via Motherboard).

Related: WannaCry – Are we safe now?

The Guardian reports Hutchins’ arrest is connected to a separate piece of malware, known as Kronos.

Hutchins and another unnamed co-defendant stand accused of creating the malware, which was spread through email attachments and targeted internet banking log-in information.

“Defendant Marcus Hutchins created the Kronos malware,” a filing to the eastern district court of Wisconsin claims.

It is unclear whether he has been officially charged with the alleged six counts of hacking offenses related to Kronos.

He may WannaCry now

Hutchins, who also goes by the username MalwareTech, unwittingly stopped the WannaCry malware spreading with his intervention back in May.

The malicious software had rapidly infected systems around the world, including in Spain, Russia, Turkey, Germany, and Vietnam.

On Wednesday it was reported the Brit was briefly held at the Henderson Detention Centre in Nevada, but he has now been transferred to an unknown facility.

I can confirm @MalwareTechBlog was detained yesterday and FBI/US Marshalls won't tell me where he is. https://t.co/lV5SxZjsRi

— Andrew Mabbitt (@MabbsSec) August 3, 2017

A spokesperson from the UK’s National Cyber Security Centre told Motherboard: “We are aware of the situation. This is a law enforcement matter and it would be inappropriate to comment further.”

This is a developing story and we’ll keep you posted with any updates.