Ransomware attack hero condemns 'super-invasive' tabloids

Marcus Hutchins says he will have to move house after newspaper identified him and published his full address

He inadvertently halted the global spread of the international ransomware attack and will donate thousands of pounds of his reward money to charity, but Marcus Hutchins, the security expert labelled the “accidental hero”, has said his “five minutes of fame” have been “horrible”.

Hutchins, 22, was propelled into the media spotlight when he activated a “kill switch” in the malicious software that wreaked havoc on organisations including the UK’s National Health Service earlier this month. He originally told the Guardian how he spotted the URL not knowing what it would do at the time, and spoke under his alias of MalwareTech because he did not want to be identified.

But within two days Hutchins, who operates out of an English coastal town, tweeted that he had woken up to discover that his picture was on the front page of a newspaper and since then has become the centre of a media storm. At first the blogger saw the funny side of having to climb over his back wall to avoid reporters camped outside his house, but now, he says, the situation has escalated to the point that he feels the British tabloids have put his life in danger.

Writing of his experiences on Twitter, he also said the press had doxxed a friend of his, which involves searching for and publishing private or identifying information about a particular individual on the internet, typically with malicious intent.

22-year-old who halted global cyber-attack: ‘I’m no hero’ – video

Journalist doxed a friend then rang them offering money for my gf's name and phone number, one turned up at another friend's house.

— MalwareTech (@MalwareTechBlog) May 20, 2017

Tabloids here don't care about the story, they care about every detail of the person behind it and will go to extreme lengths to find out.

— MalwareTech (@MalwareTechBlog) May 20, 2017

In a tweet that has since been deleted Hutchins wrote: “One of the largest UK newspapers published a picture of my house, full address, and directions to get there … now I have to move.” He later implored his supporters not to doxx journalists in revenge and reiterated that he had not sought fame.

The point I was trying to make is that I didn't try to become famous, I tried to remain anonymous and was dragged into the spotlight.

— MalwareTech (@MalwareTechBlog) May 21, 2017

@malwareunicorn @PolarToffee Girl with me in the photo that got posted on all the news sites is married to one of my best friends, who found the whole thing hilarious.

— MalwareTech (@MalwareTechBlog) May 22, 2017

Hutchins got his first job straight after school without any serious qualifications thanks to his tech blog and skill at writing software, which he said has always been a hobby. He works remotely for Kryptos Logic, an LA-based threat intelligence company, which was impressed by his work and got in touch to offer him a job a little over a year ago.

Last week, he revealed that he had been awarded a bounty by HackerOne, a group that rewards ethical hackers for finding software flaws, and that he would divide the money between charities and educational resources for IT security students.

Offering the reward, HackerOne said: “Thank you for your active research into this malware and for making the internet safer!”

On Sunday, Hutchins said he had so far decided on four charities: Doctors Without Borders, Great Ormond Street, Charity: Water, and Hackers For Charity.

So far I've decided on 4 charities:
Great Ormond Street
Charity: Water
Hackers For Charity

— MalwareTech (@MalwareTechBlog) May 21, 2017

Did my best to vet all the previously suggested charities and the 4 above are the ones I felt best, but let me know if i missed something.

— MalwareTech (@MalwareTechBlog) May 21, 2017

Ransomware is a type of malware that encrypts a user’s data, then demands payment in exchange for unlocking the data. This attack used a piece of malicious software called WannaCry, which exploits a vulnerability in Windows.

Microsoft released a patch (a software update that fixes the problem) for the flaw in March, but computers that have not installed the security update remain vulnerable.

Hutchins previously warned that the attack could return in a new form and advised people to patch their systems. “This is not over,” he said. “The attackers will realise how we stopped it, they’ll change the code and then they’ll start again.”


Nadia Khomami

The GuardianTramp

Related Content

Article image
Cybersecurity stocks boom after ransomware attack
Companies see share prices rise sharply amid expected increase in spending on IT security after WannaCry hack

Nick Fletcher and Haroon Siddique

16, May, 2017 @3:35 PM

Article image
Surf fan who loves pizza: anonymous hero who halted cyber-attack
Known on Twitter as Malware Tech, the 22-year-old is a self-taught computer expert who reveals little about his true identity

Robert Booth

14, May, 2017 @4:03 PM

Article image
'Accidental hero' who halted cyber-attack is English blogger aged 22
Marcus Hutchins works for LA-based web security firm but has been anonymous tech blogger since leaving school

Nadia Khomami

15, May, 2017 @7:03 PM

Article image
UK faces mass 'ransomware' email attack from cybercriminal gangs
Police warn of viral scams disguised as messages from banks, followed by demand for Bitcoin payment to unlock devices

Charles Arthur and agencies

15, Nov, 2013 @6:22 PM

Article image
Operations cancelled as Hunt accused of ignoring cyber-attack warnings
Regulator said last summer that threat of attacks had put patient data at risk and jeopardised clinicians’ access to records

Denis Campbell and Haroon Siddique

15, May, 2017 @12:58 PM

Article image
The ransomware attack is all about insufficient funding of the NHS | Charles Arthur
Amber Rudd, the home secretary, can burble all she wants but the Tories have overseen chaos in NHS computing systems

Charles Arthur

13, May, 2017 @12:21 PM

Article image
UK tackles record cyber incidents as Russian ransomware attacks increase
National Cyber Security Centre says cyberattacks at record high and urges businesses not to pay up

Dan Sabbagh Defence and security editor

17, Nov, 2021 @6:00 AM

Article image
'Accidental hero' halts ransomware attack and warns: this is not over
Expert who stopped spread of attack by activating software’s ‘kill switch’ says criminals will ‘change the code and start again’

Nadia Khomami in London and Olivia Solon in San Francisco

13, May, 2017 @2:49 PM

Article image
'Petya' ransomware attack strikes companies across Europe and US
Ukraine government, banks and electricity grid hit hardest, but companies in France, Denmark and Pittsburgh, Pennsylvania also attacked

Jon Henley European affairs correspondent and Olivia Solon in San Francisco

27, Jun, 2017 @2:55 PM

Article image
Ransomware attacks in UK have doubled in a year, says GCHQ boss
Jeremy Fleming says ransomware is proliferating as it is ‘largely uncontested’ and highly profitable

Rajeev Syal Home affairs editor

25, Oct, 2021 @4:05 PM