Hacker who stopped WannaCry gets $30,000 bail
The bail was set by Judge Nancy Koppe in a Las Vegas court after she dismissed a federal prosecutor’s claim that Hutchins, 23, poses a “danger to the public.” The hacker was ordered to stay in the US with GPS monitoring as the case against him unfolds. He was also ordered to surrender his passport and is now banned from using any devices with internet access.
“He admitted he was the author of the code of Kronos malware and indicated he sold it,” prosecutor Dan Cowhig told the federal court.
Hutchins will apparently plead not guilty on all six counts of the Wisconsin-issued indictment, which accuses the Brit of distribution of, and profiteering from, Kronos malware between July 2014 and July 2015.
“He fights the charges and we intend to fight the case,” Hutchins’ lawyer, Adrian Lobo, noted after Friday’s hearing, according to the Telegraph. “He has dedicated his life to researching malware, not trying to harm people. Use the internet for good is what he has done.”
The prosecution, on the other hand, believes that the Kronos malware, developed by Hutchins and another unnamed conspirator, was used to steal banking passwords from infected computers in the US, Canada, the UK, and several other European countries.
After examining what he called a “weak” indictment, former CIA analyst John Kiriakou told RT that he does not see a crime there. He also doubted that Hutchins had ever visited Wisconsin, where the indictment was filed on Thursday.
“He is a guy who provided a great public service to the British people in the earlier hacking incident, and the United States turns it around and arrests him. I think that some questions need to be answered,” Kiriakou told RT.
The analyst also said that directors of US spy agencies themselves – the FBI and the CIA – attended hackers’ meetings to urge hackers to work for them, but now the arrest will “send a chilling effect through the entire hacker community.”
“The United States is notoriously hard on hackers, and in fact we sentence hackers in this country sometimes to sentences longer than murderers get. That’s just simply not fair.”
Hutchins, also known as ‘MalwareTech’ online, gained prominence in May for finding a “kill switch” to disable the WannaCry ransomware, which targeted over 300,000 computers worldwide running the Microsoft Windows operating system.
He was detained by the FBI at Las Vegas Airport on Wednesday after attending the Black Hat and Def Con hacker convention.
Hutchins faces six counts, including conspiracy to commit offense or to defraud the US, and fraud and related activity in connection with computers.
Hutchins will likely be released on bail on Saturday because the court clerk’s office closed before his defense team could post bail, according to Reuters. He is due to appear in the Eastern District of Wisconsin court on Tuesday, where he is expected to formally enter his pleas.
Expert who disabled ‘WannaCry’ cyber attack indicted over bank malware ‘Kronos’
On Thursday an indictment filed in the US District Court in Wisconsin accused Marcus Hutchins, 23, of advertising, distributing and profiting from a malware code called “Kronos.” The indictment states that Hutchins allegedly took part in the illegal activity from July 2014 to July 2015.
Hutchins, also known as “MalwareTech” online, gained prominence in May for finding a “kill switch” which disabled the WannaCry bug. He was detained by the FBI in Las Vegas Wednesday.
Hutchins faces six counts, including conspiracy to commit offense or to defraud US; fraud and related activity in connection with computers; interception and disclosure of wire,oral, or electronic communications prohibited; manufacture, distribution, possession and advertising of wire, oral, or communication intercepting devices prohibited.
He was indicted with an unnamed co-defendant on July 12. However, the case remained under seal until Thursday, according to a US Justice Department spokesman and reported by Reuters.
Hutchins was detained just days after he and thousands of others made their way to Las Vegas for the annual hacker Black Hat and Def Con conventions. He was being held at the Henderson Detention Center in Nevada early Thursday. A few hours later, he was moved to another facility, an unnamed friend of Hutchins told Motherboard.
“We still don’t know why Marcus has been arrested and now we have no idea where in the US he’s been taken to and we’re extremely concerned for his welfare,” the friend said.
The Kronos malware is downloaded from email attachments, causing victims’ systems to be vulnerable to theft relating to their banking and credit card credentials. Kronos was used to steal banking information in Canada, Germany, Poland, France, the United Kingdom and other countries.
Allegations in the indictment state that an unidentified co-defendant in the case advertised the Kronos malware on AlphaBay, a dark web marketplace which authorities took offline last month. Investigators stated that the site allowed anonymous users to participate in the global trade of drugs, firearms, hacking tools and other illegal goods.
The founder of the cyber firm, Fidus Information Security, Andrew Mabbit, who went to the conference in Las Vegas with Hutchins, said on Twitter that he was working on acquiring a lawyer for Hutchins because he does not currently have one.
“I refuse to believe the charges against @MalwareTechBlog,” Mabbit tweeted. “He spent his career stopping malware, not writing it.”
In the cyber community, Hutchins was hailed as a hero after he apparently stopped the WannaCry attack that caused disruptions to car factories, hospitals, shops and schools in more than 150 countries and infected hundreds of thousands of computers.