The self-taught computer-security researcher credited with stopping a devastating cyberattack in May was arrested on charges that he created malware used to hack banking systems in Canada and Europe, the U.S. said.
Marcus Hutchins, who has blogged under the pseudonym MalwareTech, was arrested Wednesday in Las Vegas, the Justice Department said Thursday in a statement that announced he was indicted in July on several charges of computer misconduct relating to the creation and distribution of the Kronos banking trojan.
Eva Galperin, director of cybersecurity for the Electronic Frontier Foundation, said the San Francisco-based legal advocacy group is trying to reach out to Hutchins.
“The EFF is deeply concerned about the arrest of Marcus Hutchins, a security researcher known for shutting down the WannaCry ransomware,” said Jeanne Carstensen, a spokeswoman for the group. “We are looking into the matter, and are reaching out to Hutchins.”
In May, a large-scale ransomware attack dubbed WannaCry spread malicious software to about 300,000 computers in 150 countries, where access to data was blocked unless a ransom was paid with bitcoins. The U.K.’s National Health Service, FedEx Corp., Nissan Motor Co. and Renault were among entities impacted. The fallout for European companies affected in global cyberattacks has proven costly.