The guy who stopped WannaCry is reportedly being detained in the U.S.

Does no good deed truly go unpunished?

The infosec community is scratching its head this morning following the news that Marcus Hutchins, the 23-year-old security researcher who singlehandedly stopped the spread of the global ransomware WannaCry, is reportedly being detained in an unknown location by U.S. authorities.

Motherboard first picked up the story, reporting that a person by the same name, also aged 23, was being held at Nevada's Henderson Detention Center. A friend of Hutchins told the publication that he was moved to another unknown location sometime on Aug. 3.

We reached out to the FBI's Las Vegas office, but have received no response as of publishing. Notably, Hutchins is a British national.

This Tweet is currently unavailable. It might be loading or has been removed.

Hutchins, perhaps better known as MalwareTech, works for the cybersecurity firm Kryptos Logic. He was in Las Vegas for Black Hat and DEF CON: two annual cybersecurity conferences.

This Tweet is currently unavailable. It might be loading or has been removed.

He gained international notoriety in May of this year when he registered a domain found in the WannaCry code. In doing so, he inadvertently activated a kill switch which stopped the ransomware in its tracks — likely saving lives in the process.

Hutchins is typically very active on Twitter, and his last tweets before going dark suggest he was at the airport.

This Tweet is currently unavailable. It might be loading or has been removed.

It is unclear what, if anything, Hutchins has been charged with. When reached for comment by The Telegraph, his mother, Janet, noted that "I think I'm going to be rather busy tonight."

We'll update this story when we know more.

UPDATE: Aug. 3, 2017, 11:15 a.m. PDT

This Tweet is currently unavailable. It might be loading or has been removed.

According to fellow security researcher Andrew Mabbitt, Hutchins is reportedly being held in the Las Vegas FBI field office.

UPDATE: Aug. 3, 2017, 11:45 a.m. PDT

CNN reports that, according to the U.S. Department of Justice, Hutchins has been arrested for "his role in creating and distributing the Kronos banking Trojan."

Kronos was first spotted back in 2014, with The Guardian noting that the malware spread via email and targeted online banking passwords. Another unnamed codefendant has also reportedly been indicted.

According to the indictment, in addition to allegedly creating the malware, Hutchins has been accused of "Advertising the availability of the Kronos malware on internet forums; selling the Kronos malware; [and] Receiving and distributing the proceeds obtained from selling the Kronos malware [...]."

This Tweet is currently unavailable. It might be loading or has been removed.

Interestingly, in 2014 Hutchins asked for a sample of the very malware he now stands accused of creating.