An English hacker known for foiling a global cyberattack earlier this year was arrested Wednesday in Las Vegas, the U.S. Department of Justice announced Thursday.
The Twitter feed of Marcus Hutchins, also known as MalwareTech, suggests he had attended the DefCon cybersecurity conference at Caesars Palace, which ended Sunday. A DefCon representative declined to comment on attendees.
A spokeswoman for the FBI field office in Las Vegas referred all inquiries on Hutchins’ arrest to the Department of Justice.
Hutchins, 23, appeared briefly Thursday afternoon before U.S. Magistrate Judge Nancy Koppe in Las Vegas and was expected to be detained by federal authorities overnight. He appeared in court wearing a blue T-shirt, bluejeans and black sneakers.
The judge postponed court proceedings until Friday to determine whether Hutchins would hire a private attorney.
Assistant Federal Public Defender Dan Coe told the judge that Hutchins had cooperated with the government before being charged. The defendant told Koppe he understood the allegations against him, including an allegation that he played a role in spreading malware to steal financial information.
Hutchins gained notoriety in May after he was credited with cracking the WannaCry cyberattack, in which a ransomware worm crippled Britain’s hospital network as well as factories, government agencies, banks and other businesses around the world, according to The Associated Press.
He stopped the attack from spreading by registering an internet domain name the malware’s code relied on.
Authorities did not provide details about the circumstances of his arrest or information about where he was being detained.
As word of Hutchins’ arrest spread through the cybersecurity community on social media, a document that appeared to be a sealed federal indictment emerged and pointed to Hutchins’ alleged involvement in creating code for another piece of malware, the Kronos banking Trojan.
The Justice Department later released the same document, which was filed July 11 in U.S. District Court for the Eastern District of Wisconsin.
A grand jury indicted Hutchins and at least one other defendant on six counts, including conspiracy and the manufacture, distribution and possession of electronic communication intercepting devices. The names of any other defendants are redacted in the public version of the document.
Ten or more government computers were infected with Kronos between July 2014 and July 2015. The indictment accuses Hutchins of creating the malware. It also accuses at least one unidentified co-defendant of selling it online and doing demonstrations on how to use it.
The Electronic Frontier Foundation, a San Francisco-based digital rights group, said in a statement that it was looking into the matter and reaching out to Hutchins.
“The EFF is deeply concerned about the arrest of Marcus Hutchins, a security researcher known for shutting down the WannaCry ransomware,” the statement said.
A foreign office spokesman with the British Embassy said embassy officials were in contact with Las Vegas authorities about Hutchins’ arrest and were providing support to his family.
Contact Wesley Juhl at firstname.lastname@example.org and 702-383-0391. Follow @WesJuhl on Twitter. Review-Journal staff writers David Ferrara and Todd Prince contributed to this report.
De-coding tech talk
Malware is a general term used to describe malicious code that is installed on a computer, often without authorization.
Ransomware is a type of malware that will lock users out of their computers with a display demanding money in exchange for access.
Trojans are a kind of malware that hides on a computer and records personal information like passwords and account numbers.