WannaCry Hero Marcus Hutchins Faces More Charges

Marcus Hutchins, 23, the British security researcher who stopped the global WannaCry ransomware campaign in May 2017, is facing more charges from US authorities.

He is according to the BBC, facing four more charges related to separate malware he is alleged to have created.

Hutchins has been charged by US authorities of developing and distributing the ‘Kronos’ banking malware. He has pleaded ‘not guilty’ to the charges and is currently out on bail in the United States, after friends and family raised his £23,000 bail.

Court battle

However last month, Hutchins, otherwise known as ‘Malwaretech’ on social media, reportedly admitted to developing and distributing the ‘Kronos’ banking malware in a phone call.

He is currently seeking to prevent the phone conversation he had from used in the court case.

He also fighting against the inclusion of a two-hour FBI interview, arguing that he had been “sleep-deprived and intoxicated” at the time and had been “coerced” into a confession.

Hutchins was arrested by the FBI on 2 August last year in Nevada, after he attended the Black Hat and Def Con hacking conference in Las Vegas.

Hutchins is now facing ten charges in total, and is appealing to his Twitter followers to help with his legal fees.

US prosecutors in a new court filing, allege that Hutchins created a second piece of malware called ‘UPAS Kit.’

This malware was apparently created back in 2012 and was designed to be installed silently and not alert anti-virus software. It is alleged to have collected personal information.

Hutchins’s lawyer, Brian Klein, was quoted as saying the new indictment is “meritless”.

Wannacry ‘hero’

Hutchins currently works for LA-based company Kryptos Logic, but he was formerly based down in Devon.

When the WannaCry ransomware spread rapidly through computer systems around the world in May 2017, it crippled huge swathes of NHS IT infrastructure. As the ransomware attack began to take hold, Hutchins managed to obtain a sample of the malware from a fellow researcher.

Hutchins then tested the ransomware in a virtual environment and discovered it queried an unregistered domain. He had noted the malware was connecting to multiple IP addresses targeting a server message block (SMB) vulnerability.

He then registered the domain, an action which ultimately resulted in the botnet being terminated. Hutchins actions only emerged days after the first WannaCry attacks.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

US Regulator Approves SpaceX Falcon 9 Return To Service

US Federal Aviation Administration approves SpaceX's Falcon 9 rockets to return to service following second-stage…

18 hours ago

X Drops Unilever From Advertiser Lawsuit

Social media platform X drops Unilever from lawsuit against advertisers after reaching agreement on 'safety…

19 hours ago

US Lawmakers Seek Answers From Telcos Over China Hack

US Congressional Representatives ask for answers from AT&T, Verizon, Lumen Technologies after wiretap networks reportedly…

19 hours ago

Northvolt In Talks For 200m Euros In Short-Term Funding

Swedish EV battery start-up Northvolt in talks for 200m euros in short-term funding as it…

20 hours ago

US Labour Board Accuses Apple Of Slack Restrictions

US labour officials say Apple illegally restricted employees' right to discuss workplace issues on Slack…

20 hours ago