Prime News Ghana

British computer expert who stopped WannaCry ransomware attack that hit NHS detained

By Michael Abayateye
Marcus Hutchins
Shares
facebook sharing button Share
twitter sharing button Tweet
email sharing button Email
sharethis sharing button Share

The British computer expert who stopped the WannaCry ransomware attack that wreaked havoc around the world and hit NHS computers has been detained by the FBI in Las Vegas, according to reports.

Marcus Hutchins discovered a 'kill switch' for the virus after it paralysed thousands of NHS computers and claimed hundreds of thousands of victims around the world - including US courier service FedEx and German rail company Deutsche Bahn - in May.

But now the internet hero, also known as MalwareTech, has been arrested in Nevada, according to Motherboard.

It is unclear what charges - if any - the 23-year-old from Ilfracombe, Devon, now faces. 

He was being held at the Henderson Detention Center but has since been moved to another facility, a friend has said.

Hutchins was in Las Vegas for the Black Hat and Def Con hacking conferences.  

The friend said: 'I've spoken to the US Marshals again and they say they have no record of Marcus being in the system. 

'At this point we've been trying to get in contact with Marcus for 18 hours and nobody knows where he's been taken.'

The anonymous friend added: 'We still don't know why Marcus has been arrested and now we have no idea where in the US he's been taken to and we're extremely concerned for his welfare.'

A US Marshals spokesman told Motherboard that Hutchins was arrested by the FBI, but the Bureau has not responded to requests for a comment. 

The National Crime Agency in the UK said they were aware of the arrest. 

Hutchins, who works for Los Angeles-based firm Kryptos Logic, spent the weekend in May fighting off the ransomware attack - but stressed he is not a 'hero'. 

The security worker spent £8 registering the domain name the virus tried to connect with when it infected a new computer and pointed it at a 'sinkhole server' in Los Angeles.

It caused the malicious software to enact an 'emergency stop', immediately halting its spread - but at first the cyber expert feared he had actually made the virus epidemic worse.

He said: 'Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading.' 

Speaking of the moment he stopped the virus, the anti-malware expert previously told MailOnline: 'It should have been really nice but someone had made a mistake and told me that our registering of the domain actually caused the infection.

'When I found out that it was actually the opposite it was more a relief.'

North Korea has been linked with the attack, but in May an official from the authoritarian regime said talk of a connection was 'ridiculous'.

Credit: Daily Mail