UK Security Researcher Who Stopped WannaCry Outbreak Arrested in US

Zack Whittaker, reporting for ZDNet: A security researcher who in May stopped an outbreak of the WannaCry ransomware has been arrested and detained after attending the Def Con conference in Las Vegas. Marcus Hutchins, 23, a British national, was arrested at Las Vegas airport on Wednesday by US Marshals, several close friends confirmed to ZDNet. A friend told ZDNet that he was "was pulled by Marshals at the lounge" after clearing security. He was briefly detained in a federal facility in Nevada until he was moved. "We went to see him this morning and we had already been moved," said the friend. Hutchins is now understood to be in custody at an FBI field office in the state. Motherboard first broke the story on Thursday. Update: A Motherboard reporter tweets, "Here's the indictment accusing @MalwareTechBlog of running the Kronos banking malware."
Update 2: New DOJ statement: Gregory J. Haanstad, United States Attorney for the Eastern District of Wisconsin, announced that on July 11, 2017, following a two-year long investigation, a federal grand jury returned a six-count indictment against Marcus Hutchins, also known as "Malwaretech," for his role in creating and distributing the Kronos banking Trojan.

Re:What's what!?

[PPH]

WannaCry was built on top of an NSA exploit that had been leaked. A part of that NSA package was the kill switch that Hutchins discovered and published. He may have had nothing to do with WannaCry's development or propagation. But he caused a TLA to lose one of it's fun toys. And for that, he will be punished.

When agencies get this far out of control, it's time to shut them down.

Re:Loss of revenue

[TechyImmigrant]

Don't they understand? Doing shit like this means we won't have DefCon in the U.S. any longer. Think of the hotels and all the revenue we'll be missing!!! Does Trump know about this?

This is becoming necessary. Similarly for more academic crypto conferences. They split their locations evenly between Europe, Asia and the US which in addition to sharing the travel pain, allows people to avoid countries that might try to prosecute them for being a security researcher. DefCon and BlackHat need to move about so they can be available to researcher that would otherwise be unable to travel there.

Re:What's what!?

[iced_773]

I'd like to see the actual indictment

Aaaaand here it is.

Re:What's what!?

This is dumb and wrong. The NSA didn't create the malware, nor the kill switch within it.

What the NSA did that is relevant to the issue being discussed is to know about the Windows SMBv1 vulnerability and not tell Microsoft, and created an exploit to use the vulnerability. The SMBv1 exploit is simply a tool used by the malware, and the malware itself was coded to have a kill switch, separate parts.

If the NSA had disclosed the vulnerability after finding it, we probably wouldn't have had the WCry malware outbreak, because patches would have been out a lot sooner to plug the hole.

Pedantry

[Tenebrousedge]

"Begging the question" is a bad translation of petitio principii, which is itself a bad translation from Greek sources. Linguistically there isn't really a right answer here. The exact meaning is almost always clear from context, and the usage is very much moving away from the "scholarly" definition. Given that there's not an absolutely correct position on this issue, I think that it's best to avoid using the phrase oneself, and tolerate its use or misuse with others. And if the argument you are responding to does not directly hinge on a point of meaning, it's probably just as well to avoid raising the subject. Life is too short for needless semantic arguments.