Marcus Hutchins, the British hacker who helped contain the recent spread of the notorious WannaCry ransomware, has been arrested while attending the DEFCON conference in Las Vegas.
The annual conference serves as a gathering for hackers throughout the United States and other parts of the world.
Hutchins, who is in his early 20s, works as a digital researcher at Kryptos Logic, a cybersecurity company with expertise in areas such as penetration testing, consulting and attack forensics, to mention a few.
While attending DEFCON 2017, Hutchins was arrested by the Federal Bureau of Investigation (FBI) and charged with advertising and distributing malware capable of collecting financial data from individuals.
The malware, which goes by the name Kronos, is alleged to have been distributed between mid-2014 and mid-2015, according to the Department of Justice.
The charges are severe because the alleged activity has a ripple effect: when multiple persons obtain the malware, each gains the capacity to undertake various forms of banking fraud.
Hutchins’ charges could see him land many years in jail.
Authorities accuse him of creating the banking Trojan and distributing it to other parties at a cost of about $7,000, with payments made in Bitcoin.
It is important to note that the arrest is in no way related to the WannaCry virus that he helped stop, but rather the banking fraud malware.
When WannaCry began spreading at an unprecedented rate, entities across the globe were forced to close down until a solution to the problem was found.
Various reports state that Hutchins was able to mitigate the problem after identifying a kill switch by mistake, which slowed the ransomware's growth.
The virus was very destructive, seriously impacting many entities, from governments to businesses to hospitals. It locked all files in the system and further demanded a $300 payment in Bitcoins within three days.
Failure to comply would double the amount, and further inability to pay would cause the system to delete everything.
There are reports that some parties cooperated, but it is unclear whether they ever recovered their files after doing so.
At that time, Hutchins was the talk of the town as media outlets around the globe aired stories about how the whole incident transpired—from the point the virus started spreading to the point he discovered it, and ultimately to when it was stopped.
However, his arrest came as a surprise, as many wondered how the young man who was supposed to be treated as a hero had found himself in the hands of the authorities.
But with time, due to the fame he had acquired by discovering the solution to WannaCry, the media began broadcasting his story.
Several individuals have been discussing how to help get him out of police custody. Some groups opted for measures such as crowdfunding to cover his legal expenses.
Of course, due to the nature of the perceived crime, he will need a good attorney.
Hutchins’ scenario shows that just one mistake can turn one from a hero to a criminal, almost overnight.
Reports indicate Hutchins was banned from the internet as one of the conditions of his release.
Generally speaking, law enforcement will often ban criminals from using the internet to prevent them from manipulating the platform and causing more harm.
Consequently, causing damages of various types in different areas may result in more punishment. And in this case, perhaps access to the internet would enable Hutchins to further distribute the malware he created.
In another recent arrest similar to that of Hutchins, the FBI indicted an individual after he arrived at a Los Angeles airport to attend a conference.
Yu Pingan, a Chinese national, allegedly distributed malware dubbed “Sakula” that was used in a massive OPM breach in 2015.
During this time, a massive amount of confidential data and in some cases the fingerprints of both regular citizens and government workers were released.
The charges levied against Pingan were related to computer hacking, according to the indictment.
The malware enabled its developers to monitor the activities undertaken by its target remotely.
What’s more, it was nearly impossible for victims to tell if their systems had been hacked.
Unless victims were experts in the cybersecurity field, the Trojan would perhaps remain on their devices undetected.
It’s no wonder the number of persons affected ran into the tens of millions within a short span.
Now that two hackers have been arrested under similar circumstances, it raises the question of how many more will follow the same path.
Of course, in the case of the Chinese hacker, one would assume Pingan never had any idea that he was on the radar of the FBI in the U.S.
Authorities in the U.S. are very discreet in their undertakings.
For this reason, hackers who have engaged themselves in various sales of malware on the dark web ought to take measures to ensure they do not suffer the same fate.
Back in China, reports say that several hackers were arrested in connection with the Sakula malware.
But as the blame was tossed around by the FBI, the Chinese government steered clear of any wrongdoing.
These two hacker arrests occurred within a span of a few weeks, and they have served as a lesson to others who previously engaged in similar vices.