This article is more than 1 year old
WannaCry kill-switch hero Marcus Hutchins collared by FBI on way home from DEF CON
Chap who stopped malware spread cuffed in Vegas
Updated Marcus Hutchins, the unassuming Brit who found and activated the kill switch in the WannaCry ransomware, has been arrested by the FBI in America.
Hutchins had been invited over to the States for the DEF CON hacking conference, held last week in Las Vegas, Nevada, and stayed on a few extra days to do the usual touristy things in the area. He attended various parties at the event, went shooting, as is somewhat traditional, and had been planning to return home yesterday.
I'm actually pretty excited to get back to work soon. Haven't touched a debugger in over a month now.
— MalwareTech (@MalwareTechBlog) August 2, 2017
The UK's National Crime Agency confirmed to The Register tonight that a UK national was arrested in Nevada, but couldn't comment on why nor on what charges or suspicions. A spokesperson for the FBI field office in Sin City was not available for immediate comment.
It's understood Hutchins, aka MalwareTechBlog on Twitter, was just about to board a flight home to the UK on Wednesday when the Feds swooped and took him away to an undisclosed location. His worried friends say they still have no idea where he is being held nor why.
His pal Andrew Mabbitt, founder of Fidus Information Security, today confirmed that 23-year-old Hutchins had been cuffed by the Feds on August 2. "I'm working on getting a lawyer for @MalwareTechBlog as he has no legal representation and no visitors. I'll be crowdfunding legal fees soon," Mabbitt added.
Hutchins, who works for a US infosec biz from his home in Blighty, was well-liked at the conference, and won praise from such luminaries as car hacker Charlie Miller. The Brit narrowly missed out on winning a Pwnie Award for his work on reverse engineering the WannaCry nasty.
Last time @MalwareTechBlog went missing, he lost his wallet and slept in a hotel lobby. Sadly I don't think it's the same story this time.
— Timothy Davies (@0xtadavie) August 3, 2017
We can only hope Hutchins, while waiting to fly back from his summer break, didn't make an unfortunate joke or three to the US Transportation Security Administration, who lack any modicum of a sense of humor about such things. ®
Updated to add
Hutchins was arrested on suspicion of creating bank-account-raiding malware Kronos, and is being held in the FBI's Las Vegas field office. Also, a hat tip to journo Joseph Cox for breaking the news.