By Aaron Kesel
A hacker known online by his alias “malwaretechblog,” Marcus Hutchins, 22, who was able to infamously turn off the WannaCry ransom virus which encrypted its victims’ computers, has been arrested after DEF CON by the FBI for allegedly “masterminding” Kronos, a “banking trojan,” and charged on 6 counts according to a court indictment document.
The indictment states that British citizen, Hutchins, “knowingly conspired and agreed” with another redacted individual to “cause the transmission of a program, information, code, and command and as a result of such conduct, intentionally cause damage to 10 or more protected computers.”
Hutchins was further accused of “advertising Kronos” and selling it on AlphaBay, the now shut-down darknet market that President Donald Trump issued to be shut down according to a DOJ press release.
The FBI alleges that Hutchins uploaded a video demonstrating the functionality of Kronos on July, 13th, 2014 and then in August 2014 offered to sell it for “$3,000.”
Support has already grown online calling for the release of Marcus Hutchins with the hashtag #FreeMarcusHutchins started by OpStandUpToCFAA and AaronsLaw2017.
CFAA is a controversial draconian computer crime law that can be twisted to whatever way the prosecutors see fit.
Even first-time offenses for accessing a protected computer without sufficient “authorization” can be punishable by up to five years in prison each (ten years for repeat offenses), plus fines. Violations of other parts of the CFAA are punishable by up to ten years, 20 years, and even life in prison – more years than any other federal conviction including rape and murder.
The EFF has called to reform the infamously problematic Computer Fraud and Abuse Act (CFAA.)
“Creative prosecutors have taken advantage of this confusion to bring criminal charges that aren’t really about hacking a computer, but instead target other behavior prosecutors dislike,” EFF wrote.
That proposal became known as Aaron’s Law if you want to find out more about Aaron’s law you can visit the Twitter account AaronsLaw2017.
Andrew Mabbitt, Hutchins’s friend confirmed to Motherboard that Hutchins is currently detained at the FBI’s field office in Las Vegas, awaiting arraignment at 333 Las Vegas Blvd. South at 3 P.M. PST.
Hutchins was able to stop the WannaCry ransomware by registering a domain he found in the source code for its kill switch The Hacker News reported.
Arrest indictment below: