News in brief: WannaCry ‘kill switch’ man detained; Firefox file encryption; DDoS fails to persuade

Your daily round-up of some of the other stories in the news

WannaCry ‘kill switch’ man detained

When the WannaCry virus hit back in May, 2017, a young man from the UK reported that the malware contained what became known as a kill switch.

Simply put, WannaCry tried to contact a weirdly-named website just before infecting your computer; if a reply came back, then the malware went no further.

The weirdly-named website didn’t exist when the worm first appeared, so Marcus Hutchins, 23, quickly registered the “immunisation domain” himself and set up a webserver on it, thus limiting WannaCry’s virulence.

He was soon hailed as a hero – rapidly becoming something of a security celebrity around the world.

But now there’s a new twist to the story: it seems that Hutchins was recently arrested by the FBI in Nevada, USA, where he had travelled to attend the annual DEF CON hacking conference.

Right now [2017-08-03T18:00Z], we don’t know why he was arrested, or what he has been charged with, if anything.

We now [2017-08-03T19:44Z] know that Hutchins has been accused of writing, advertising and selling commercial malware called Kronos, three years ago.

Firefox Launches “Send” Test Pilot

Firefox has announced a new Test Pilot feature allowing you to send large files over the internet easily and quickly.

The project, called, “Send,” encrypts files during transmission, then self-destructs the files after download. The files are encrypted client-side, so even Mozilla can’t access the files when they’re sent.

The file is uploaded and a link is created for the user to share with the recipient. The download expires after 24 hours.

Additionally, Mozilla is working on Speech to Text (STT) functionality for Firefox called “Voice Fill,” and a note-taking option – called, unsurprisingly, “Notes” – that creates a simple, convenient place to take notes as well as store them.

Firefox invites users to try out its Test Pilot programs and offer feedback. More information can be found here.

Death-threat DDoSer arrested

The FBI recently arrested a man who allegedly made and carried out various criminal threats against websites in the USA, Australia and Canada.

The threats included distributed denial of service attacks (DDoSes), where a criminal commands a large number of computers in a botnet to generate simultaneous network traffic aimed at victims’ networks.

For example, if the usual web load you can handle is, 10,000 simultaneous visitors, and a crook manages to summon up DDoS traffic from 9999 time-wasting pseudovisitors, you’ll be down to 0.01% of your usual business capacity.

The man, Kamyar Jahanrakhshan, 32, had been convicted of theft in the USA in 2005, and for fraud in Canada in 2011. After serving a prison sentence in Canada, he was deported back to the USA in 2014.

It seems that he wanted his name removed from numerous websites in the USA, Australia and Canada, where it was mentioned in connection with his legal troubles, and that he turned nasty when his requests were refused.

Jahanrakhshan not only threatened and carried out DDoSes, but also claimed that he would “send bomb threats to [a media company’s] offices across Canada”, and told the Canadian Broadcasting Corporation that he would “threat [sic] the lives of families of CBC employees”.

Even though he’s not yet been convicted, his name is now more widespread than ever online.

Catch up with all of today’s stories on Naked Security