British intelligence officials allowed a security researcher recently hailed as a hero to travel to Nevada, where they knew he would be arrested, in the hopes of avoiding the "headache of an extradition battle," the Sunday Times reported.
Marcus Hutchins, who discovered a flaw in and stopped the rapid spread of WannaCry ransomware, was arrested in early August following the DEF CON cybersecurity conference for his alleged role in creating malware used to steal banking credentials.
U.S. law enforcement officials believe that Hutchins helped design and sell the unrelated Kronos malware years ago.
"Our U.S. partners aren’t impressed that some people who they believe to have cases against [them] for computer-related offences have managed to avoid extradition. Hutchins’s arrest freed the British government and intelligence agencies from yet another headache of an extradition battle,” one source told the British newspaper.
The arrest led many to wonder why authorities waited to arrest Hutchins in America rather than have U.K. law enforcement detain him and extradite him to the United States.
According to the Times, the arrest was made in Nevada because the U.S. has lost faith in the British government's ability to extradite accused hackers. In recent years, two high-profile accused hackers successfully thwarted extradition by arguing that diseases, including Asperger's syndrome, precluded their need to tried in the United States.
Hutchins gained notice when he discovered a "kill switch" in WannaCry based on a test used by the malware to see if researchers were trying to investigate it that relied on a fictional website never being registered. He then registered the website.
That simple act curtailed the rapid spread of WannaCry, which had disrupted hundreds of thousands of computers in less than a week.