Researcher Who Stopped WannaCry Pleads Not Guilty to Creating Banking Malware
Credit to Author: Lorenzo Franceshi-Bicchierai| Date: Mon, 14 Aug 2017 15:06:28 +0000
Monday, the well-known security researcher who became famous after helping to stop the destructive WannaCry ransomware outbreak pleaded “not guilty” to creating software that would later become banking malware.
Marcus Hutchins—better known by his online nickname MalwareTech—was arrested in early August in Las Vegas after the hacking conference Def Con. The US government accuses Hutchins of writing software in 2014 that would later become the banking malware Kronos. After getting out on bail and traveling to Milwaukee, he stood in front a judge on Monday for his arraignment. Prosecutors also allege he helped a still unknown co-defendant market and sell Kronos.
Hutchins’s lawyer Brian Klein declared in a packed courtroom in Milwaukee that Hutchins was “not guilty” of six charges related to the alleged creation and distribution of malware. Hutchins will be allowed to travel to Los Angeles, where he will live while he awaits trial. He will also be represented by Marcia Hoffman, formerly of the Electronic Frontier Foundation. Under the terms of his release, Hutchins will be tracked by GPS but will be allowed full internet access so he can continue to work as a security researcher; the only restriction is he will no longer be allowed to access the WannaCry “sinkhole” he used to stop the outbreak of ransomware.
“Marcus Hutchins is a brilliant young man and hero,” Hoffman told reporters outside the court room after the hearing. “He is going to vigorously defend himself against these charges and when the evidence comes to light we are confident he will be fully vindicated.”
Read more: The US Needs to Get Serious About Securing the Internet of Hackable Things
Hutchins is a well-known British security researcher who works for the Los Angeles-based Kryptos Logic. He became famous in May when he almost unwittingly activated the killswitch for WannaCry, a disruptive ransomware outbreak that was hitting thousands of computers all over the world. Hours after the beginning of the outbreak, Hutchins registered a domain that was coded into the malware. That domain was designed to be a sort of killswitch: if the malware could connect to it, it would stop working. And so it did.
That’s how Hutchins stopped the outbreak and became an overnight celebrity. British tabloids chased his friends down and eventually found out his house and his previously unknown real name.
In a shock to the hacking community, the FBI arrested him at Las Vegas’s McCarren International Airport on August 3. The US Department of Justice unsealed an indictment that accuses him of six counts of hacking and wiretapping crimes.
Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzo@jabber.ccc.de, or email lorenzo@motherboard.tv
Uncertainty surrounds Hutchins case. Legal experts questioned the government’s charges, arguing that it’s unclear that simply writing software—and not actively participating in using it to hack anyone—is a crime at all. Moreover, as well-known security blogger Marcy Wheeler noted, why is a British researcher being indicted in the United States for a malware that apparently had no American victims?
Update 11:37 AM: This post has been updated with more details from the hearing.
This is a breaking news story that will be updated as more details become available.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.