A BRITISH man who stopped a global cyber attack that crippled NHS computer systems has been charged with creating software that harvested banking details.

Marcus Hutchins, 23, from Ilfracombe, Devon, discovered the “kill switch” for the WannaCry ransomware, which infected tens of the thousands of computers in 170 countries.

2 IT expert Marcus Hutchins was branded a hero for slowing down the WannaCry global cyber attack Credit: Copyright 2017 The Associated Press. All rights reserved.

An indictment released by the US Department of Justice today reveals Hutchins is accused of having helped to create, spread and maintain the banking trojan virus Kronos.

The malware allowed hackers to steal online banking details and was spread via malicious e-mail attachments.

The document states: “Defendant Marcus Hutchins created the Kronos malware."

Hutchins, AKA MalwareTech, is being held at the Henderson Detention Center in Nevada in the US.

He was arrested in Las Vegas and charged with six counts in relation to creating and distributing the malware.

A few hours after, Hutchins was moved to another facility, according to a close personal friend who spoke to Motherboard.

MOST READ IN WORLD NEWS SCHUEY BLOW Michael Schumacher in a 'vegetative state and not responding to his family' SATURDAY NIGHT FEVER Chinese clubbers dance in Wuhan as Covid ground zero has 'NO cases' MEDICANE IANOS Two dead and buildings collapse as 'Mediterranean hurricane' batters Greece 'BEAST' Mum finds daughters 'knifed to death by date' not knowing he was convicted killer CLASH OF THE TITANS Killer whales 'ripping open' great whites to eat hearts and TESTICLES HORROR FALL 'Inseparable' pals die in 100ft waterfall plunge moments after posting this pic

He added: "We've been trying to get in contact with Marcus for 18 hours and nobody knows where he's been taken.

"We still don't know why Marcus has been arrested and now we have no idea where in the US he's been taken to and we're extremely concerned for his welfare."

Hutchins' mum, Janet Hutchins, said it was "hugely unlikely" that her son was involved because he has spent "enormous amounts of time and even his free time" combating such attacks.

She said she is "outraged" by the charges and has been "frantically calling America" trying to contact her son.

Shortly before his arrest, Hutchins was in Las Vegas during hacking conferences Black Hat and Def Con.

A US Marshals spokesperson said he was arrested by the FBI.

"We are aware a UK national has been arrested but it's a matter for the authorities in the US," a spokesperson for the UK's National Crime Agency told the website.

The cyber community expressed their concern over his arrest with Naomi Colvin, from civil liberties campaign group Courage, praising him for his earlier work.

She said: "In May this year, WannaCry malware closed hospitals in the UK, becoming the first ransomware attack to represent an actual threat to life.

"In halting the spread of WannaCry before the US woke up, MalwareTech did the world an enormous service - and to American businesses in particular."

2 The surfer, from Devon, warned there is a "good chance" he might not be able to stop the next attack

Ms Colvin said he had been detained for 24 hours before information was released about his arrest and said he has still not been allowed to contact his family or lawyers.

"The US treats hackers far worse than other countries do, with much longer prison sentences, a dearth of vital health care and rampant solitary confinement," she said.

The NHS was brought to its knees in May when hackers downed computer systems, leaving front-line hospital staff unable to access vital patient information.

Operations were cancelled and doctors and nurses were forced to rely on hand-written notes to track patient’s case histories and treatments.

The 22-year-old surfer stopped the unprecedented virus in its tracks in a matter of hours by triggering a “kill switch”.

He is believed to have come up with a solution to the WannaCry ransomware attack from his small bedroom at his parents’ home in Devon.

The blogger said he was "jumping around a room with the excitement" after he discovered that activating a specific web domain could disable the worm, which had demanded a ransom.

He is now working with the government's National Cyber Security Centre to help prevent a new wave of attacks today, MailOnline reported.

We pay for your stories! Do you have a story for The Sun Online news team? Email us at tips@the-sun.co.uk or call 0207 782 4368