A global ransomware cyberattack nicknamed “WannaCry” threatened health services, business, and telecommunications networks last May – but it was famously halted before most of the damage was done by a young man from southwest England.
After having a look through the virus’ source code, he stumbled across a domain name – a website address – that had not been registered. On a hunch, he purchased the domain and watched as the cyberattack petered out into nothingness. Having succeeded where various government cybersecurity agencies failed, he was hailed at the time as an “accidental hero”.
However, as first reported by Motherboard, there’s been a sudden twist in the tale – one that paints the protagonist as more of an anti-hero. Marcus Hutchins, known online as “MalwareTechBlog” has been arrested in Las Vegas, and the FBI has indicted him on charges of both creating and selling malware that is designed to steal financial data and credentials.
The centerpiece of the investigation is on something named “Kronos”. First seen for sale on a Russian cybercrime forum back in 2014, it caught the attention of plenty of security experts because of its price tag: $7,000, about 10 times more than the average. It appears that not only was this collection of code state-of-the-art, but the hacker that manufactured it offered their continuous tech support throughout.
It’s a type of Trojan horse application, meaning that it imitates a harmless piece of software before unleashing its virus from within the infiltrated device. It was often sent by email as an attachment that doomed the users’ computers the moment they clicked on it, stealing their financial log-in details without leaving any trace of the crime.
Hutchins is now being accused of being the progenitor of Kronos. He allegedly made it and sold it via a now-defunct Dark Web site, as noted by BuzzFeed News. He’s also being charged with advertising the software via YouTube.
It’s worth pointing out that Kronos is still an extant threat, lingering online – so perhaps this arrest will assist the federal government in stamping it out. However, at present, there’s no publicly available evidence to support or undercut these allegations, but as the FBI are involved, it’s clear they’re taking things very seriously.
Some cybersecurity experts have expressed fascination at the revelations, whereas others have been scouring through the indictment and have concluded that Hutchins may not be as guilty as he seems. One suggestion is that he contributed some code to a program that then later, and separately, culminated in the creation of Kronos, without Hutchins being aware of this evolution.
Watch this space.