MalwareTech - The guy who helped to stop WannaCry - has been Detained in the US (UPDATED: arrested for the advertisement and sale of illegal hacking )

[Grinners]

15 minutes ago, LAwLz said:

Where did you get that info from? Not even the Indictment says he advertised and sold hacks. It says MalwareTech made a Trojan which some yet-to-be-named person advertised and sold.

From the original post:

 

 

11 hours ago, Alexp10v2 said:

So - an update has come out from a different source

(https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us)

In which it claims that Marcus Hutchins is alleged to have helped "create, spread and maintain the banking trojan Kronos between 2014 and 2015."

 

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents and hijacks credentials like internet banking passwords to let its user steal money with ease.

 

 

UPDATE TIME #2:

Just released via SkyNews Twitter:

Turns out he was arrested for the advertisement and sale of illegal hacking tools.

 

[LAwLz]

30 minutes ago, Grinners said:

From the original post:

While that statement might not be entirely false but I think it is easy to jump to conclusions while reading it.

It could be argued that he helped causing it to spread by creating it to begin with, but that does not tell us the intent and extent.

Like I said before, he has quite a few tools which could be used for malicious purposes on his Github page, but those were created in order to test things and educate people, not with malicious intentions in mind.

 

I am not saying this is the case, but it is possible that MalwareTech did not intend for the Trojan he created to be used with malicious intentions. After all, the document says that he did not sell or advertise it. All it says is that he wrote it, while someone else advertised and sold it.

 

I think it would be best to wait for more evidence before making up our minds whether or not he is guilty.

 

 

Here is a good analysis of the case in terms of legal terms while we wait for more facts to come out.

The Kronos indictment: Is it a crime to create and sell malware?

 

If the indictive is anything to go by (which is all we got right now) then the US government is stretching the definitions of their laws quite a lot.

 

 

 

Edit: It is also worth mentioning that there has been no evidence posted so far that actually proves he had anything to do with the creation of Kronos.

Back in 2014 he actually asked if someone had Kronos. Maybe that was a cover-up, or maybe he actually didn't have the Trojan and needed someone to send it to him for analysis purposes.

 

[Dionyz]

12 hours ago, Billy_Mays said:

Fucking idiots the world could've been a different place right now if it wasn't for him

Do you really think he will be in prison? The government will utilize his talent since he is better than them. But he is no longer a Free man. Government likes control. They were not in control when this all happened. What do they do? Take the person that has the control. 

 

Problem is he is a nobody. FBI tried to pull that BS on Apple. It didn't work out that way, but they found a way to break into the iphone without apple, and that's why they dropped the trial. 

[LAwLz]

6 minutes ago, Dionyz said:

Do you really think he will be in prison? The government will utilize his talent since he is better than them. But he is no longer a Free man. 

Stephen Watt was sent to prison for 2 years for writing a packet sniffer which was then used by criminals to hijack credit card numbers.

 

Samy Kamkar was not allowed to touch a network connected computer for 3 years after the Samy worm (he was allowed to keep using one computer as long as it was never connected to a network).

 

US courts often want to make examples out of people by punishing them very harshly. It is entirely possible that they would be willing to sacrifice one smart person if it meant fewer people dared to do security research (assuming that is a goal they have in mind, I am just making a point).

[Doobeedoo]

Wow just wow, terrible. 

[Guest]

I would have to agree that the US law enforcement's are punishing him to the extreme, especially if he is recieving a 40 year jail sentence if found guilty. You could give him credit for stopping multiple Wannacry attacks, but in the end, he did develop his own malicious malware that was sold on the internet to the extent where he stole other peoples banking details and stealing their money.   

[Brooksie359]

Doesn't the government know that you have to be a hacker to stop a hacker?

[Kamina]

I would have pardoned him. 

 

Nah jk. Force him to join the CIA!

[spartaman64]

they are probably going to blackmail him into working for them lol

[LAwLz]

5 hours ago, TheBeastPC said:

he did develop his own malicious malware that was sold on the internet to the extent where he stole other peoples banking details and stealing their money.   

Allegedly.

I have so far not seen any evidence to support that claim. Even if it is true, intent has to be taken into consideration. otherwise you essentially outlaw security research, legitimate white hat businesses, penetration testing, and many other things which are not only harmless, but also beneficial to society.

[mr moose]

1 hour ago, LAwLz said:

Allegedly.

I have so far not seen any evidence to support that claim. Even if it is true, intent has to be taken into consideration. otherwise you essentially outlaw security research, legitimate white hat businesses, penetration testing, and many other things which are not only harmless, but also beneficial to society.

I'm sure his lawyers will be the first to demand the evidence and make it publicly know if there isn't any.   Watch this space for now I guess.

 

[Trik'Stari]

Remember kids, only the government is allowed to have knowledge and power.

[Tech_Dreamer]

Seems this has to do with ties with the recent seizure of alphabay , The allegations does have some gravity to it . technically his hands aren't clean enough for a free pass.

 

Quote

Hutchins was accused of being involved in the creation and distribution of the Kronos banking Trojan. The malicious software, or malware, was designed to garner usernames and passwords of users on banking websites. Once a machine was infected, the malware allowed the hacker to log the details.

 

Kronos was active in Canada, Germany, Poland, France, and the United Kingdom, among others countries, the U.S. Department of Justice (DOJ) said.

The banking Trojan was first made available through some internet forums in early 2014, and was marketed and distributed through AlphaBay,