Marcus Hutchins, the UK kid who accidentally stopped the spread of WannaCry ransomware by reserving a domain that acted as a “killswitch”, was arraigned in a federal Wisconsin court on Monday, for allegedly authoring a banking trojan called Kronos.
Hutchins, a self-taught coder who lives on the English seaside, prevented more than 100,000 computers across the globe from being infected by registering a website domain name that unexpectedly stopped the spread of the ransomware. The anonymous blogger noticed that the virus contacts a remote web address and only starts taking files hostage if it finds that address unreachable. However Hutchins said that a Chinese hacker appeared to be trying to buy the web address thwarting his efforts so as to upgrade the virus to delete the ‘kill switch’. He posted a warning on Twitter that hackers could upgrade their software, known as WannaCrypt to version 2.0 that will likely remove the flaw. Still it’s nice to see the bad guys scramble for a change.
Hutchins’ trial is set Oct. 23. He is approved to keep working as a security researcher living in Los Angeles. Hutchins has been denied access to the WannaCry killswitch hole he set up to take advantage of the flaw he found in the ransomware. Hutchin’s attorneys are Marcia Hofmann and Brian Klein. Hutchins has been denied export from the USA though he is allowed to travel within our borders under GPS monitoring.
Hutchins, aka MalwareTech, was arrested during DEFCON in Las Vegas on Aug. 2. He’s accused of creating Kronos, a banking virus and for plotting with others to advertise, sell and profit from KRONOS malware from July 2014 to July 2015. In July he was indicted on one count of conspiracy to commit computer fraud and abuse, three counts of distributing and advertising an electronic communication interception device, one count of endeavoring to intercept electronic communications, and one count of attempting to access a computer without authorization.
Motherboard reported Monday that U.S. attorneys stated Hutchins admitted to FBI agents “that he was the author of the code that became the Kronos malware.” The security community views Hutchins as a white-hat hero who brilliantly defeated the WannaCry attack. Some legal experts question the strength of the US government’s case. Hutchins pleads not guilty.