GCHQ ‘Knew’ WannaCry Hero Was Walking Into A Trap


Spy officials knew Marcus Hutchins, the ‘hero’ who accidentally disabled the WannaCry malware, would probably be arrested in the US, says a report

British intelligence officials were aware that UK computer security researcher Marcus Hutchins was being investigated by the FBI and was likely to be arrested when he travelled to the US last month, according to a report.

Hutchins first made headlines in May when he inadvertently stopped the WannaCry ransomware from spreading further, after it had already caused damage to the NHS and other organisations across more than 100 countries.

‘Extradition headache’ averted

He was arrested by the FBI on 2 August in a Las Vegas airport while attempting to board a plane to return to the UK.

Hutchins, 23, of Ilfracombe in North Devon, faces six charges related to his alleged creation and distribution of the Kronos malware, which steals banking and other information from users’ computers, and faces up to 40 years in prison if convicted. The charges relate to activities between July 2014 and July 2015. He has denied any wrongdoing.

FBI agent - Shutterstock - © Peter KimAn unnamed source familiar with the case told The Sunday Times that the arrest allowed the British government to avoid the “headache of an extradition battle” with its ally.

“Our US partners aren’t impressed that some people who they believe to have cases against (them) for computer-related offences have managed to avoid extradition,” the source is quoted as saying. “Hutchins’s arrest freed the British government and intelligence agencies from yet another headache of an extradition battle.”

Hacking charges

Gary McKinnon, 51, was accused by US prosecutors in 2002 of carrying out the “biggest military hack of all time”.

After a 10-year extradition battle Theresa May, then home secretary, in 2012 withdrew his extradition order, arguing there was “no doubt” McKinnon, who has Asperger’s syndrome, was “seriously ill”.

Laurie Love, 32, was indicted by US attorneys in 2013 on hacking charges and won the right to appeal in April.

Hutchins was granted bail on 5 August and appeared in court in Milwaukee, Wisconsin last week. He is now allowed to access the internet and continue working, but is under house arrest and must wear a GPS tracker.

Hutchins, known online by the handle MalwareTech, is currently in Los Angeles, where his employer Kryptos Logic is based, and is expected to live there until his trial begins in October.

He has returned to posting updates on Twitter, but said he is barred from discussing the case.

“Daily life of someone who’s just unwillingly moved out of parents house and to another country with no ID or house would make a great blog,” he wrote. “Unfortunately it probably overlaps with the rule of ‘don’t talk about your case’.”

Put your knowledge of artificial intelligence (AI) to the test. Try our quiz!