By: James Felton/IFL Science On the 14th of May, one of the biggest ransomware attacks in history took place. Organizations such as the UK’s National Health Service (NHS) and FedEx were hit by an attack of unprecedented scale.
The ransomware encrypted countless NHS files, demanding ransom money for them to be unencrypted, and caused widespread chaos in all the organizations it hit.
But then a 22-year-old figured out how to hit a kill switch on the ransomware, stopping it from spreading any further. Marcus Hutchins, a security expert from an English coastal town, discovered a domain name within the ransomware’s source-code. On a hunch, he bought the domain name for an extremely affordable $10.69.
Immediately after he bought the domain name, computers affected by the attack began connecting to the URL, and within hours people’s files became accessible again. The attack was stopped in its tracks, deactivated by the kill switch found by Hutchins.
Since then, Hutchins, who failed his Information Technology course in high school after being accused of hacking (which he denies), has been rewarded by HackerOne with a $10,000 payout, which he decided to give to charity.
“I plan on holding a vote to decide which charities will get the majority of the money,” he told HackerOne. “The rest will go to buying books/resources for people looking to get into infosec who can’t afford them.”
Then came the bad part.
Since stopping the attack, Hutchins has been hounded by the press and had all his details leaked to the public.
I knew 5 minutes of fame would be horrible but honestly i misjudge just how horrible…. British tabloids are super invasive.
— MalwareTech (@MalwareTechBlog) May 20, 2017
Journalist doxed a friend then rang them offering money for my gf's name and phone number, one turned up at another friend's house.
— MalwareTech (@MalwareTechBlog) May 20, 2017
Tabloids here don't care about the story, they care about every detail of the person behind it and will go to extreme lengths to find out.
— MalwareTech (@MalwareTechBlog) May 20, 2017
Hutchins says he’s found his five minutes of fame “horrible” and has since taken steps to find out how the press hunted him down in the first place. Hutchins, who clearly knows his stuff when it comes to cybersecurity, says there’s no way he could have protected himself against it.
He has received messages of support from his followers, who expressed their dismay at the British press for following him and likened it to the behavior of a stalker.
People also suggested that he and others should “dox” the journalists involved, which means searching for private information about them and publishing it online.
Hutchins has asked his followers not to do this, and says he just wanted to let everyone know that he hadn’t sought out the spotlight and wished to avoid it as much as possible.
The point I was trying to make is that I didn't try to become famous, I tried to remain anonymous and was dragged into the spotlight.
— MalwareTech (@MalwareTechBlog) May 21, 2017
So far I've decided on 4 charities:
DoctorsWithoutBorders
Great Ormond Street
Charity: Water
Hackers For Charity— MalwareTech (@MalwareTechBlog) May 21, 2017
“I’m definitely not a hero,” he told the Associated Press. “I’m just someone doing my bit to stop botnets.”