GCHQ WAS AWARE THAT Marcus Hutchins, the security researcher who helped to stop the spread of the WannaCry ransomware, was 'walking into a trap' when he attending Defcon in the US last month.
The Sunday Times reports that GCHQ knew that Hutchins was under investigation by the FBI for his role in creating the Kronos banking trojan in 2014 before he flew to the States in July.
"Officials at the intelligence agency knew that Marcus Hutchins, from Devon, who was hailed as a hero for helping the NHS, would be walking into a trap when he flew to the US in July for a cyber-conference," the report states.
A source said that the arrest, on the 2 August, meant that the British government did not have to deal with the "headache of an extradition battle" with its ally.
Hutchins, who tweets as @MalwareTechBlog, is said to have helped to create the little-known banking trojan three years ago. Access was sold for $7,000 at a time, and the software focused on stealing banking credentials from compromised computers. The form-grabbing and HTML content injection element of Kronos was spread via phishing emails.
Kronos also offered modules for evading detection and analysis, and buyers were even given an option to try it for a week for $1,000.
Hutchins pleaded not guilty in the case, brought to court in Milwaukee after being released on bail from custody in Las Vegas, but has admitted to writing part of the malware in question. He now faces six charges and up to 40 years in prison.
A source told The Sunday Times: "Our US partners aren't impressed that some people who they believe to have cases against [them] for computer-related offences have managed to avoid extradition. Hutchins's arrest freed the British government and intelligence agencies from yet another headache of an extradition battle."
Hutchins, as can be seen from his Twitter, is currently living in LA while he awaits trial. µ
We'll soon have EUV to thank for smaller chips and better phones
Just two years after he co-founded the non-profit AI safety group
Firm claims devices will allow 'untethered VR from anywhere in the world'
The file-sharing web and desktop clients could have shared a little too much