Marcus Hutchins - Credit NorthSec
However, the FBI was unconcerned with this good deed. Instead, the FBI arrested Hutchins for his alleged part in the Kronos banking malware which made the rounds for a one-year period between July 2014 and July 2015. The arrest took place in Las Vegas, where Hutchins was just about to board a plane to head back to the UK after attending the Black Hat and Def Con conferences.
He is accused of both creating and distributing Kronos with an unnamed coconspirator. According to the indictment [PDF], Hutchins and his partner peddled the trojan on the dark web and through the [now shuttered] AlphaBay marketplace. Kronos was oftentimes distributed using phishing emails and would lead unsuspecting computer users to fraudulent websites that while designed to look like legit banking institutions, would instead nab a user’s credentials in order to drain their accounts.
I have arrived at <Undisclosed Location> pic.twitter.com/zyRBkRQtZI— MalwareTech (@MalwareTechBlog) July 21, 2017
The FBI and other agencies have reportedly been on Hutchins’ trail for the past two years, and he just so happened to “land” in their laps with his visit to Nevada. As for UK authorities, they seem to be rather unconcerned about the situation, with a spokesperson for the country’s National Crime Agency writing in an email to Motherboard, “We are aware a UK national has been arrested but it's a matter for the authorities in the US.”