This is only mentioned in one sentence in the article, but it should be noted that he wasn’t arrested for anything having to do with WannaCry. He was arrested because he allegedly created the Kronos malware.
The charges apparently are rather vague and there are some doubts if it even holds ground. For one thing in 2014 he posted this:
Which is either a) a clever trick to create the impression he didn’t create it or b) he’s just doing his job as a security researcher. I don’t know why but I lean towards b.