Researcher who thwarted WannaCry pleads not guilty to building banking malware

15 Aug 2017

Cybersecurity researcher Marcus Hutchins. Image: Frank Augstein/AP

Cybersecurity researcher Marcus Hutchins has pleaded ‘not guilty’ to creating malicious code that would later become banking malware Kronos.

British cybersecurity expert Marcus Hutchins, also known as MalwareTech, shot to fame earlier this year when he halted the spread of unprecedented cyberattack WannaCry. Hutchins found a ‘kill switch’ for the ransomware, which was hardcoded into it, in case the owner no longer wanted it to spread.

Since then, he has enjoyed some notoriety, telling The Guardian: “It is quite crazy, I’ve not been able to check into my Twitter feed all day because it’s just been going too fast to read. Every time I refresh it, it’s another 99 notifications.”

Motherboard reported that Hutchins was arrested in Las Vegas earlier this month, and the US government is accusing him of writing software in 2014 that eventually became Kronos, a form of banking malware. He has been brought up on six counts of wiretapping and hacking charges, which he denies.

This malware became active that same year, and focused on stealing banking login information from browser sessions. Threatpost reported that the banking Trojan was selling for $7,000 on several forums, and that Kronos could allegedly bypass some sandbox and antivirus protections.

In a somewhat unusual move by the court, Hutchins has been permitted to reside in Los Angeles as he awaits trial. As part of his release conditions, he will be permitted internet access so he can continue working, but will be tracked by GPS. He tweeted about the events yesterday.

During a hearing on 4 August, prosecution in the case stated that Hutchins admitted he was the author of the Kronos code in conversation with the FBI. The indictment alleges that while Hutchins created the malware, an unnamed accomplice took charge of selling it, and it has many wondering whether the creation and sale of malware is a crime at all.

His lawyer, Marcia Hofmann, spoke outside the courthouse: “Marcus Hutchins is a brilliant young man and a hero. He is going to vigorously defend himself against these charges and, when the evidence comes to light, we are confident that he will be fully vindicated.”

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com