Mistaken Identity Fraud

We live in strange times indeed. It was reported yesterday that the arch white-hat hacker (or, as some prefer, ‘security researcher’) Marcus Hutchins, the guy who, you remember, err, accidentally stopped the WannaCry outbreak in its tracks by registering a ‘kill domain’ which was present in the malware code, has had his collar felt by none other than the FBI.

Hutchins was returning from the Las Vegas-hosted hacking conferences Black Hat and Def Con and is reported to have been about to board a plane home when the long arm of the law tapped him on the shoulder and whisked him away to places we can only imagine are the total opposite of the bright lights and glamour of the Vegas Strip, and not in a good way!

Hutchins was not nicked for anything to do with WannaCry, and why should he have been? He saved humanity from certain doom. Instead, he was tugged for creating nothing less than the Uber Banking Trojan Kronos.

The indictment, which some of the sleuths amongst you will notice comes just weeks after the takedown of the AlphaBay and Hansa Dark Web (mwahahaha) sites, accuses Hutchins and one other party (details obscured) of creating Kronos, advertising Kronos on ‘internet forums’ like, err, AlphaBay, and receiving monies from Kronos punters.

Wow, that is pretty specific stuff that must be backed up by significant amounts of evidence. The indictment refers to a video that Hutchins and his accomplice made about how Kronos works, which was posted on YouTube and subsequently removed.

In what can only be yet another complete coincidence, and you all know that here at ITC towers we are massive fans of Pixies, Leprechauns, Unicorns and coincidences, between the 24th July and the 3rd of August the WannaCry perpetrators removed the 108 Grand in their poisonous bitcoin coffers. Fancy that.

Now we struggle to understand: would someone smart enough to create Kronos and defeat WannaCry in a single blow be silly enough to either make and post a YouTube video, or travel to the USA where, with even a whiff of suspicion, their movements and comms would surely be snooped on 24×7?

That would be as foolish as the fictional hacker played by Richard Pryor in Superman 3, who reveals his newly found wealth, from rounding down half cents from all of Webscoe’s accounts and directing them to himself, by arriving to work in a Ferrari. Well, almost as foolish.

Andrew Mabbitt, a friend of Mr Hutchins and founder of Fidus security, is getting a lawyer to be paid for by crowdfunding. If you are interested in helping out a fellow security professional, keep an eye on Mabbitt’s Twitter.

As we suggested last week, the takedown of AlphaBay and Hansa would lead to the feeling of many collars. Is this the beginning? Is Marcus Hutchins innocent? What do you think?

If you would like to discuss anything in this blog, please contact us at: [email protected] or call 020 7517 3900.