The researcher — who is known as MalwareTech on Twitter — registered a garbled domain name hidden in the malware to track the virus, a move that halted it.
The 22-year-old who slowed down the spread of a malware virus has been named as Marcus Hutchins.
Hutchins, a British cybersecurity researcher, has been credited with stopping the WannaCry ransomware attack's spread from a small bedroom in his parents' house. The Telegraph reports that he lives in a seaside resort on the north Devon coast.
Photos emerged Sunday night of Hutchins' self-assembled IT hub, which consists of computer servers, at least three monitors, and video games. Other images reportedly show the self-taught coder at Defcon in Las Vegas, a renowned conference for the hacking community.
The researcher — who is known as MalwareTech on Twitter and has been described as an "accidental hero" — registered a garbled domain name hidden in the malware to track the virus, unintentionally halting it. Hutchins described his efforts in a detailed blog post titled "How to Accidentally Stop a Global Cyber Attacks" on Saturday.
"I was quickly able to get a sample of the malware with the help of Kafeine, a good friend and fellow researcher," Hutchins wrote. "Upon running the sample in my analysis environment I instantly noticed it queried an unregistered domain, which i promptly registered.
"We prevented the spread of the ransomware and prevented it ransoming any new computer since the registration of the domain (I initially kept quiet about this while i reverse engineered the code myself to triple check this was the case, but by now Darien's tweet had gotten a lot of traction)."
Andrew Mabbitt, a cofounder of Fidus, said on Twitter that Hutchins was "one of the most intelligent and talented people I know."
"He gets paid to do his hobby which is most people's dream in life," he added.
The cyberattack plunged England's National Health Service into disarray on Friday and affected organisations around the world including French car manufacturers, Russian banks, and a Spanish telecoms operator, according to reports over the weekend.
The attack took the form of ransomware that is nicknamed "WannaCry". Ransomware is malicious software that encrypts data on a victim's computer and then asks for payment in return for decryption. In this case, messages seen by affected NHS staff members showed that the attackers were asking for $300 (£232) in Bitcoin in exchange for decryption.
A BBC analysis found people had paid the hackers £22,080 in bitcoin so far.
Europol's executive director, Robert Wainwright, told ITV that there were at least 200,000 victims, including the NHS, across 150 countries and that the number would most likely increase Monday morning when people return to work.
And things could be about to get worse. Hutchins told the BBC there was "another one coming ... quite likely on Monday." He is working with GCHQ's National Cyber Security Centre to head off another attack, according to The Telegraph.
Additional reporting by Shona Ghosh.