Sources have told The Sunday Times that the GCHQ was aware that WannaCry-hero Marcus Hutchins would be arrested by the FBI once he arrived in the United States.
GCHQ didn't warn or stop Hutchins from attending cybersecurity conferences in Las Vegas to avoid the "headache of an extradition battle" with the U.S.
Currently out on bail, Hutchins was arrested by the FBI at the Las Vegas airport while on his way back to the UK earlier this month. He was in the country to attend a black hat cybersecurity conference but was not aware of the fact that he was being investigated by U.S. government agencies.
Hutchins' arrest followed a six-count indictment pronounced by a grand jury in the Eastern District of Wisconsin on his role in creating a banking trojan and abetting its spread. The indictment also said that he and his accomplice charged between $2,000 (£1,523) and $3,000 (£2,284) for Kronos malware samples.
Hutchins' conviction could land a big blow to the ethical hacking community
Following his arrest, the UK's National Cyber Security Centre said it was aware of the situation but refrained from commenting on it.
A source has now revealed to The Sunday Times that the GCHQ was aware of the fact that Hutchins was being investigated by the FBI for computer crime offences prior to his indictment.
“Our US partners aren’t impressed that some people who they believe to have cases against (them) for computer-related offences have managed to avoid extradition. Hutchins’s arrest freed the British government and intelligence agencies from yet another headache of an extradition battle," said the source.
Cybersecurity experts in the UK and in the rest of the world believe that Hutchins' arrest created a very poor example since researchers like Hutchins' often get inside the Dark Net to identify existing malware and their distributors. His conviction would stop researchers from conducting their research fearlessly in the future.
Indicted cybersecurity expert Marcus Hutchins thanks people's 'amazing support'
Earlier, U.S. authorities had failed to get their hands on Gary McKinnon, a resident of the UK who they had accused of perpetrating the “biggest military hack of all time”. Following a ten-year extradition battle, McKinnon's extradition order was revoked by Prime Minister Theresa May citing his poor health.
Marcus Hutchins faces up to 40 years in prison if he is convicted on all counts in the U.S. He has been granted bail, is presently residing in Los Angeles and has been allowed to access the web.
"LA is nice, I wish I'd at least be given citizenship at the end of all this," he tweeted using his official Twitter handle @MalwareTechBlog recently.
"Daily life of someone who's just unwillingly moved out of parents house and to another country with no id or house would make a great blog. Unfortunately it probably overlaps with the rule of "don't talk about your case," he added.