Marcus Hutchins is reported to have been detained by FBI officials in Nevada
A cybersecurity researcher widely credited with helping to stop the global WannaCry ransomware attack earlier this year has been arrested in the US.
Marcus Hutchins (23) - also known by his online handle 'MalwareTech’ - was reportedly detained by FBI officials in Nevada.
He had been in the US attending the popular DefCon hacker convention.
According to court filings, Mr Hutchins has been accused of creating and conspiring to advertise & sell banking malware known as 'Kronos'.
He was charged alongside a second unnamed defendant.
The malware is said to have "recorded and exfiltrated user credentials and personal indentifying information from protected computers".
The case is believed to be unrelated to the WannaCry attack.
The British-based malware researcher gained attention for detecting a "kill switch" that effectively disabled the WannaCry ransomware worm in May.
The news of his arrest was first reported by Motherboard, with a US Marshals spokesperson telling the site: "My colleague in Las Vegas says this was an FBI arrest. Mr Hutchins is not in US Marshals custody."
Mr Hutchins is reported to have been initially brought to the Henderson Detention Center in Nevada before being moved to another facility.
Andrew Mabbitt, a friend of Mr Hutchins, said on Twitter that he had found Mr Hutchins at a Las Vegas field office, and is now planning to crowdfund legal fees.
Finally located @MalwareTechBlog, he's in the Las Vegas FBI field office. Can anyone provide legal representation?— Andrew Mabbitt (@MabbsSec) August 3, 2017
Eva Galperin, Director of Cybersecurity with the Electronic Frontier Foundation, confirmed her organisation was also trying to make contact with Mr Hutchins:
In a statement quoted by BBC, a spokesman for the UK's National Cyber Security Centre said: "We are aware of the situation. This is a law enforcement matter and it would be inappropriate to comment further."
The WannaCry attack impacted hundreds of thousands of computers around the world, with the NHS in the UK among the organisations most seriously impacted.
The software exploited a vulnerability in the Windows operating system.
It allowed the malware to automatically spread across networks, so it could quickly infect large numbers of machines at the same organisation.