A never-before-seen type of malware spread through at least 150 countries last Friday. The bug disrupted service at Britain’s National Health Service, FedEx, French automaker Renault, and hundreds of other organizations and businesses. As a 22-year-old security expert looked through the code of the so-called WannaCry ransomware, he saw a URL.
On a whim, the young man checked to see if the domain was registered. It was not, so he quickly paid the $11 to buy it. Doing so instantly shut down the spread of the malware.
The security expert who found the kill switch is known primarily by his Twitter handle Malware Tech. While several media outlets discovered his real identity, most refrained from printing his name out of respect for his wish to remain anonymous.
The young man became an instant hero in one of the largest cyber attacks in history. Over 230,000 computers were affected by the attack, but that number would’ve have been much higher had the domain name not been registered.
The hackers responsible for the attack quickly rewrote the code without the kill switch URL, but by then, enough people were able to patch their operating systems and avoid falling prey to the bug. Now, Malware Tech is getting a reward.
A company has offered Malware Tech $10,000 for his work in stopping the spread of WannaCry. HackerOne is a platform where people can report security issues to companies, so the companies can fix them (and sometimes reward those who reported the issues). HackerOne wants to recognize the young security expert for his invaluable work.
Strangely enough, the young man who continues to avoid the limelight says he doesn’t want any money for his discovery. He plans to let his Twitter followers decide what organizations to donate the money to.
He also plans on keeping a little of it to buy IT security books for students who can’t afford them. Is this guy the best or what?
As for his avoiding the spotlight, he says he’s just being practical. He told Business Insider that he doesn’t fear for his safety, he just can’t get any work done if reporters are constantly ringing his doorbell and requesting interviews.
One of the more interesting details that Malware Tech shared with his social media followers is that he doesn’t have a college degree. He landed his current job when the company read his blog became impressed by what he was doing.
He says it is easier to get a job with a degree. If you don’t have one, you just need to prove real-world experience (like, for example, the time you single-handedly stopped the spread of malware that infected hundreds of thousands of computers!).
There is one other reward that a company offered to Malware Tech, and he’s keeping this one. The food delivery company
In response to that generous offer, he said, “Yeah, I’ll probably claim it. I do like delivered food, and it would be perfect for con after-parties.”