Details about the circumstances of his arrest and where he was being detained were not immediately available.
"A spokesperson for the UK National Crime Agency said the arrest was a "matter for the authorities in the US" and the UK's National Cyber Security Centre said it would be inappropriate to comment further" on a law enforcement matter.
Hutchins was 22 when he was hailed a hero last May after he found a "kill-switch" that slowed the effects of the ransomware virus. Mabbitt says the researcher was "detained" on August 2 but United States officials wouldn't tell him where he had been moved to.
He stopped the attack from spreading by registering an internet domain name the malware's code relied on.
A unnamed friend of Hutchins' tells Motherboard that it's unknown where he's being held at the moment. "We still don't know why Marcus has been arrested and now we have no idea where in the U.S. he's been taken to and we're extremely concerned for his welfare". When contacted by the publication, a US Marshals spokesperson said that "this was an Federal Bureau of Investigation arrest" and that "Mr. Hutchins is not in U.S. Marshals custody".
The British consulate in Los Angeles was unable to confirm that Hutchins had been taken into custody, saying only that it was in touch with local authorities in Las Vegas following reports of a British man being arrested.
Some associates of Hutchins took to Twitter to defend him Thursday, even arguing that he's worked directly with USA law enforcement.
She said: "In May this year, WannaCry malware closed hospitals in the United Kingdom, becoming the first ransomware attack to represent an actual threat to life". The FBI deferred all comments to the Department of Justice.
eWEEK will continue to update this developing story.