British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins Secretive electronic spy agency GCHQ was aware that accused malware author Marcus Hutchins, aka MalwareTechBlog, was due to be arrested by US authorities when he travelled to United States for the DEF CON hacker conference, according to reports. The Sunday Times – the newspaper where the Brit government of the day usually …
Seems May wanted to block it to avoid flak from Labour and the Lib Dems, but could only block it on medical grounds, which she did.
Teflon Theresa May defies expectations over McKinnon
She then gave the courts the power to block extradition requests outside the EU in the interests of justice, washing her hands of future controversies like this.
Gary McKinnon saved from extradition to US on hacking charges
Now it seems the US isn't too happy about that.
Of course it was different when we wanted to extradite IRA terrorists from the USA. Somehow their courts always found something wrong with the paperwork.
Of course, the U.S is like a pimp, where every 'world citizen' is a free access resource to exploit by fair means or foul, but U.S citizens are their bitches, no one touches them but the U.S.
Ok lets set aside any dislike you might of had for the US. Some things that popped up in my head. A. ) He did it and was passed his usefulness. B.)The real person works for the GCHQ and far to valuable and the GCHQ set his ass up.This just does not smell right from the UK end. It could just be that he really really pissed the wrong person of or the GCHQ believes he did some thing far worse and don't want the egg on their face for using him.
Well, this may sound like tinfoil hat talk, but it actually starts to look like one of two things:
It looks like all they have against him is the old blog post, some code from which was found in Kronos (which is no surprise), his tongue-in-the-cheek remark that "selling it would be illegal", and his visit to the shooting range. And as in the US this nonsense can get you in jail for many years, so it had to be on the US soil to be a convincing threat. Easy bail conditions that he got speak for the first option.
"This just does not smell right from the UK end"
Actually, wheras the US government will go out of its way to protect its citizens from foreign courts, even when they're looking as guilty as sin, the UK government are a pathetic bunch of third rate patsies, who'd always give in to the slightest pressure, regardless how dodgy the charges against a British citizen are. There's a series of cases where the UK government has happily extradited people to The Land Formerly Known As The Land of the Free, for things that either weren't an offence where they were allegedly committed, or where there were adequate statutes to allow prosecution in the UK for a UK offence.
Sadly it won't happen, but if the US authorities are getting narked that we're not cooperating enough with them, I'd turn off all cooperation for a week or two, and tell them to stop being dicks, or the non-cooperation becomes permanent. In a further recent example of the contemptible arrogance the US authorities have for British cooperation, when our people shared confidential police photographs of a recent terrorist atrocity, they appeared in the New York Times the next day. At least the US TLA's now have the commander in chief they deserve!
For me, the first tip-off that the case was weak was the inclusion of the shooting range visit in the bail opposition.
It's pretty common that European visitors like to visit a shooting range. My experience might be a little biased by because I mostly know tech workers visiting for a conference or a brief work visit, but that's exactly the situation here. It doesn't mean that they are planning on becoming a serial killer, it's just an activity that is easier to do in the U.S. Pretty much like watching a cricket match when visiting England. You can see one in the U.S., but it's not convenient.
British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins
When you is second fiddle in the orchestra you don’t get to conduct anything nor perform anything of outstanding note. Aint that right, boys and girls of an ailing and failing second class state.
I was on a bicycle, but it happened to me just last week. Google said there was a "freeway hike and bike trail" beside the freeway. There was no freeway hike and bike trail. There was just freeway. And me, hiking my bike over the tumbleweeds to try to get away from the freeway onramp that Google had sent me down.
"Previously, FBI agents had tried claiming Hutchins might try obtaining firearms to commit crimes, based solely on his having tweeted about visiting a shooting range in Las Vegas"
Fuck you, Feds. Seriously. Fuck. You.
Pretty standard straight line thinking from 'law enforcement' these days - It seems for certain charges* levelled they are prepared to assume the accused was planning anything and everything from eating babies and preparing to initiate World War III - Well, anything they think the public will buy into.
But seriously, isn't going on a gun-toting rampage in the U.S not just considered 'teen angst' these days??
This will be used in years to come as the text-book example of stitching up like a kipper.
If he ever returns to UK soil I would love to hear his opinions of the current UK Government.
Genuine question - In his line of work is he likely to have anything incriminating he could use as leverage?
There seriously seems to be people on all sides with a lot of money invested in both protecting and ensuring malware got onto systems (of varying sizes and companies/public firms). So any one, or more, of them could have framed or outed.
Even though no bit coins were withdrawn, someone somewhere got egg on their face, and want this guy to "pay".
"First look to your defences"
A bit difficult if any citizen with the talent to help defend fellow citizens is left to the mercies of a foreign power.
I'm not judging his guilt in this allegation, and don't understand the boundaries of Infosec research in any sense (legal, technical or practical) but he is a Brit, even if the only approach was a "Lord Vetinari" like 'quiet word' before he left these shores (or maybe not, after such a word) that would surely be in our national interest.
I'm not sure how others will be encouraged, but I fear not in the best way for our long term well being.
I seem to remember that USA kidnapping a Russian gentleman from the Seychelles on similar charges, and he was thrown in gaol on the flimsiest of evidence. There was no objection from the government of the Seychelles that foreign nationals were being kidnapped, which is rather shocking.
So, be very very careful...
I am assuming the only reason he wasn't arrested in the UK and extradited was because the evidence was very thin on the ground and the authorities doubted they would win the case. I find it difficult to think you could successfully win a case where some sort of computer crime had occurred without doing a search of his residence for computer equipment and taking that as evidence.
If i were him I would head directly to the US border with either Mexico or Canada and get out of that $hit hole to never return.
So, my understanding is that Marcus posted his PoC code showing some form of malware API hooks publicly, then a month later and much to Hutchins public surprise, it turns up in Kronos, heavily adapted to weaponize it and turn it into something useful. According to the Kronos analysis on malwarebytes:
1. The API hooks had been shown previously, suggesting that both Hutchins and the Russian-speaking Kronos author had lifted the concept from elsewhere
2. The other common factor was use of a particular lock instruction
3. Kronos is quite different from Hutchins code, involving an extra layer of difficulty in using shellcode instead of a pe file, combined with some counter-surveillance and anti-detection techniques
So, the FBI appear to be gambling a couple of decades of gradually-fostered goodwill between white-hats and the authorities on the use of a single command, to try and show intent of financial gain by a guy who donated his $10k wannacry bounty to charity. Uh yeah, good luck with that.
Regardless of what happens, why would Hutchins collaborate with the NCSC again?
Weirdly, malwarebytes goes so far as to patronise Hutchins by declaring that Kronos is the work of a 'mature malware author', rather than an 'experimenting youngster'. Sort of a backhanded exoneration, if you will.
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
