This article was published on August 3, 2017

FBI arrests security expert who stopped WannaCry ransomware attack (Updated)


FBI arrests security expert who stopped WannaCry ransomware attack (Updated) Image by: Shutterstock

MalwareTech, the security researcher who stopped the spread of WannaCry ransomware, has been detained following a trip to DEF CON in Las Vegas.

A friend, who spoke to Motherboard under condition of anonymity, said,

I’ve spoken to the US Marshals again and they say they have no record of [MalwareTech] being in the system. At this point we’ve been trying to get in contact with [MalwareTech] for 18 hours and nobody knows where he’s been taken.

The friend added that, when they attempted to visit MalwareTech shortly after he was first detained, he’d already been moved. No one seems to know what he’s been charged with, if anything.

At time of writing, Andrew Mabbitt of Fidus Security said he’d located MalwareTech in the FBI field office in Nevada, and was hoping to get him a lawyer.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

MalwareTech’s real name and personal information was revealed by British press shortly after he figured out how to stop WannaCry. I’m still using his handle out of continued respect for his privacy.

But I have to wonder — would this have happened if they’d left him alone?

Update 3pm CST: It’s been revealed that US prosecutors detained MalwareTech for allegedly making and selling banking malware known as Kronos. They claim he and a co-conspirator created the program between July 2014 and July 2015. You can read the full indictment here.

Get the TNW newsletter

Get the most important tech news in your inbox each week.