WannaCry “Hero” Arrested for Creating Other Malware

Megalith

Remember Marcus Hutchins, AKA MalwareTech? He was the guy who stopped WannaCry from spreading by registering a specific domain included in the ransomware’s code. Unfortunately, his fame has now turned into infamy: he has been arrested by the FBI for conspiring to advertise and sell Kronos banking malware.

On Wednesday, 22-year-old Marcus Hutchins -- also known as MalwareTech -- was arrested in Las Vegas for "his role in creating and distributing the Kronos banking Trojan," according to a spokesperson from the U.S. Department of Justice. The charges relate to alleged conduct occurring between July 2014 and July 2015. According to an indictment provided to CNN Tech, Hutchins created the malware and shared it online. Earlier this year, Hutchins became an internet hero when he helped stop WannaCry, a cyberattack that targeted over 150 countries.
 
Being good doesn't make you rich.

I just watched Founder with Michael Keaton. Great movie.

Great quote from Founder; "Business is war. It’s dog eat dog, rat eat rat. If my competitor were drowning I’d walk over and I’d put a hose right in his mouth. Can you say the same?"
 
What a fool. If you have any type of criminal past (not yet found out), you don't play the role of hero.

Of course the FBI was going to deep dive into his rear end to exclude him as the WannaCry guy.
 
So, the NSA makes viruses, and it's okay. But the man who stopped it gets jailed for the same crime by another government agency because????
 
Please guys, innocent until proven guilty. There are very causal links between him and an old service he may or may not have run in 2014. Most people are very keen to point out that he may have been young and stupid and changed his ways. Others note that on the IRC chats touchme and malwaretech had two diff personalities and malwaretech had a more popular handle he used. Most security researchers (white hats, black hats) see this as a bad thing, as they aren't going after people like Talos, or fuzzybear, or apt28, but instead a dude who may have done a thing a while ago. Most common theory is that the person selling Kronos on AlphaBay ratted him out.
 
Amit Serper, an Israeli researcher who was involved in the OSx situation a while ago, tells me "wtf i have the names of all the people that pwned osx, and IL does nothing, meanwhile FBI goes after marcus?"
 
Remember, there's a difference between "having names" or going after APT groups, and grabbing a dude who voluntarily came to the US. I'm sure if the Feds were gifted a chance to pull in people from any of those groups, they'd do so. The fact that it was easy to grab a person of interest because he came into our jurisdiction doesn't mean they don't want other people too. They just can't get China or Russia (or whoever) to cough up people who are (wink wink, nudge nudge) merely patriotic citizens who have done nothing wrong and have no affiliation with the government. It also doesn't imply that we don't do the same thing back to them whenever we can, because I'm sure we do. This was just taking the low-hanging fruit that was presented.
 
But that's precisely the problem here: if you know your neighbor sells heroin, and your son sells 100 dollars worth of weed a week, and the cops come and bust your son, you would look around and wonder what the fuck was going on.
 
If your neighbor lived on the other side of the city line and it was the town cops, it would be the same situation. The Feds can't arrest foreign nationals unless they either come here (like this guy) or their government wants to play ball. It isn't a situation where getting to any of these individuals requires the same amount of effort and they picked on a little fish. It's a situation where they have zero chance of getting the other people to get deported to us and this guy jumped into the net on his own. Again, it's not some conspiracy theory against the guy, it's that he voluntarily came to the US and made their jobs incredibly simple. If anyone from fancybear or whatever showed up in Vegas to party down for the weekend, you can bet your ass they'd be in a field office too.
 
I would wager that, as with many intelligent people, he never really gave a second thought to being caught. "I'm a super-smart guy and I covered all my bases, they could never know." Well, now *he* knows. Assuming he actually did something. If he didn't then yeah, I bet he *really* didn't expect to get arrested for creating something he didn't.

And yes, this was a "mize well" snatch. Some guy who is accused of making malware that isn't (at least as far as I know) actually even in use any more was hanging out a few miles away from a field office. I mean, if he actually did it then, yeah, he broke the law ok. Still not in the same league as many of the current threat groups, and it's impossible to tell right now if he actually did anything or not. We'll see if he gets a court date or gets cut loose.
 
Cue the conspiracy theorists... WannaCry was a government hack and he was arrested in retaliation. He is now being offered a job in exchange for his freedom.
 
Cue the conspiracy theorists... WannaCry was a government hack and he was arrested in retaliation. He is now being offered a job in exchange for his freedom.

Nah! He was arrested due to "aggressive recruiting" tactics. :) They were probably more impressed than pissed. Unless the indictment is true and he coded up Kronos.
 
So, the NSA makes viruses, and it's okay. But the man who stopped it gets jailed for the same crime by another government agency because????

Because the NSA is part of the DoD and is called on to act in times of war and peace in support of the military?

You might as well try and draw the same parallel with killing in war and murder, see if that pig flies.
 
In the end it's not intent that matters, but how it's used. He'd probably be doing quite well if he just got a lawyer and sold custom malware to national governments not on export restriction lists. I hear our good buddy South Korea likes to monitor its minority political parties..
 
In the end it's not intent that matters, but how it's used. He'd probably be doing quite well if he just got a lawyer and sold custom malware to national governments not on export restriction lists. I hear our good buddy South Korea likes to monitor its minority political parties..

If you use the web... you are being watched and monitored, period.

The 1% gotta keep us under control to weed out the bad apples when required.
 