Security Researcher who stopped Wannacry detained in the US

alias454

There aren't any real details on why he was detained, it just notes he was.
https://motherboard.vice.com/en_us/article/ywp8k5/researcher-who-stopped-wannacry-ransomware-detained-in-us-after-def-con

Seems to be some more info https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us

ITSec14

"We would like to offer you a job at the FBI"

markulous

Yeah, I've followed him on Twitter for a while and he's had good info. He's not guilty yet, so I'll reserve judgement until I hear more.

TechGromit

I doubt it's to "offer him a job", there are far more effective methods recruiting talent. It may be entirely possible that he's analyzing malware by day and writing it by night. He will not be the first person that played both sides of the field.

ITSec14

TechGromit wrote: »

I doubt it's to "offer him a job", there are far more effective methods recruiting talent. It may be entirely possible that he's analyzing malware by day and writing it by night. He will not be the first person that played both sides of the field.

I'm not saying it's probable, but I'm also not saying it's improbable lol. China and North Korea have vast numbers of people trying to hack us everyday, why not capture a few of the baddies and convince them to work for our government? That movie Catch Me if You Can is a good example.

cyberguypr

Read somewhere that it was related to him creating and spreading Kronos malware.


Indictment here: https://www.documentcloud.org/documents/3912520-Marcus-Hutchinson-Indictment.html

TechGromit

cyberguypr wrote: »

Read somewhere that it was related to him creating and spreading Kronos malware.

Ha!, I called it. Just read it on CNN tech Page, seems like a pretty common situation. Ultra smart nerd gets into cyber crime, wises up get into business, gets nailed later for mistakes of the past.

wastedtime

While I reserve judgement I would like to point out some information:

- The indictment is related to Kronos malware and he was picked up yesterday.

- Today between 1500 and 1515 today all three WannaCry bitcoin wallets were emptied. That is within 36 hours of when they picked him up.

- The Indictment was written up on the 12th of July. WannaCry was still fairly new at that time and they wouldn't have been able to collect all the info by then. This looks like it may have been based mostly off of alphabay info which probably wouldn't have had anything about WannaCry.

- WannaCry starts wrecking havoc and who is the first one on it?

Again, not saying he did it but it doesn't look good to me.

TechGromit

I never suggested he had anything to do with Wannacry as far as creating / profiting from it. He may be a Wannacry hero, but that doesn't get him a get out of jail free card for creating less well known malware and releasing it to the world. I could write all the malware I want, or counterfeit currency for that matter, so long as I don't release it on the internet / networks i don't own, or try to exchange my counterfeit money for goods and services, than I didn't violate any laws.

ITSec14

TechGromit wrote: »

I never suggested he had anything to do with Wannacry as far as creating / profiting from it. He may be a Wannacry hero, but that doesn't get him a get out of jail free card for creating less well known malware and releasing it to the world. I could write all the malware I want, or counterfeit currency for that matter, so long as I don't release it on the internet / networks i don't own, or try to exchange my counterfeit money for goods and services, than I didn't violate any laws.

I wouldn't want to find out the possible consequences of that scenario lol. The way I see it...writing malicious code could be enough to charge someone with intent. It's probably not likely, but under this administration you never know.

Blucodex

Yikes. If he's innocent he's still doing 1+ years in jail awaiting trial.

Blucodex

ITSec14 wrote: »

I wouldn't want to find out the possible consequences of that scenario lol. The way I see it...writing malicious code could be enough to charge someone with intent. It's probably not likely, but under this administration you never know.

A security researcher writing malicious code, what are the oddds! Despite the injustices at the local level I would like to think the FBI only charges when they have some concrete evidence of intent.

cyberguypr

Trusting FBI? Two words: Ruby Ridge.

blatini

Blucodex wrote: »

Yikes. If he's innocent he's still doing 1+ years in jail awaiting trial.

If he gets the trial in a year he would be very lucky.

Blucodex

cyberguypr wrote: »

Trusting FBI? Two words: Ruby Ridge.

Right, even if they were/are guilty to do all that over some shotguns 1" too short....

scaredoftests

payback's a *****

TechGromit

Blucodex wrote: »

Yikes. If he's innocent he's still doing 1+ years in jail awaiting trial.

Don't see why he wouldn't make bail, just take his passport preventing him from leaving the country. With the type of job he has, he can work from anywhere, his employer can send him a password protected zip of potential malware to analyze.

ITSec14

Blucodex wrote: »

A security researcher writing malicious code, what are the oddds! Despite the injustices at the local level I would like to think the FBI only charges when they have some concrete evidence of intent.

We would all like to think that. I'm sure federal law enforcement does a lot of good, but they have crossed the line plenty of times too.

alias454

It seems he will be able to post bail but will be required to live in some kind of halfway house in Wisconsin. His passport will be held and his use of computers is revoked until this is over.

https://www.theregister.co.uk/2017/08/04/marcus_hutchins_wannacry_kronos_court_bail/
https://www.facebook.com/jdcrunchman/posts/10155841447539416

@cyberguypr I was expecting two different words

GeekyChick

I imagine he will get out of prison time by securing a deal to work with the FBI. He's probably wishing he never came to the USA.

TechGromit

alias454 wrote: »

.... his use of computers is revoked until this is over.

Don't agree with this, how can they deny someone from making a living until the trial? Isn't he innocent until proven guilty? I can see restricting his use of computers if he's convicted, as part of parole after prison, but to deny someone access to computers when it's required to perform his job is unfair, what's he suppose to do get a job at Walmart till his trial date?

thomas_

The article alias linked to said he wasn't supposed to use the internet. What the actual restriction is, I have no idea. I suppose he could bill himself out as a malware consultant without actually touching a computer. I think Kevin Mitnick had an assistant do all of his email for him when he was restricted from using computers.

In practice everyone is guilty until proven innocent...

Consulting/independent contracting might be the only legal way to gain employment. I don't think they have a special work visa for non-US citizens who have their passports revoked and are forced to stay in the country indefinitely or maybe they do...who knows?

EagerDinosaur

The Kronos software is alleged to have been sold in 2015. Perhaps he's a bit of a poacher-turned-gamekeeper, but the poaching he did a couple of years ago is catching up with him. I imagine black-hat lifestyle rapidly becomes less attractive and more risky as a person moves from their teens into their twenties.

TechGromit

GeekyChick wrote: »

I imagine he will get out of prison time by securing a deal to work with the FBI.

The days of avoiding prison time by working for the FBI are long over when it comes to hacking. It was once possible to work out such a deal in the early days of computer crime, but there more than enough expertise now in the FBI, today, computer crime equals prison.

DatabaseHead

TechGromit wrote: »

I doubt it's to "offer him a job", there are far more effective methods recruiting talent. It may be entirely possible that he's analyzing malware by day and writing it by night. He will not be the first person that played both sides of the field.

Precisely

Remember the old school fuzz busters made by Bell? Didn't they also make the radar guns themselves?

TheFORCE

Interesting investigation by Kerbs on Security tieing past activity on hack forums to real identity.

https://krebsonsecurity.com/2017/09/who-is-marcus-hutchins/