Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
TECHNOLOGY, DISCOVERY & INNOVATION. UPDATED 6 MINUTES AGO.
You are here: Home / Computing / WannaCry 'Hero' To Plead Not Guilty
WannaCry 'Hero' Says He's Not Guilty of Writing Banking Malware
WannaCry 'Hero' Says He's Not Guilty of Writing Banking Malware
By Sam Levin and Olivia Solon Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
07
2017
The British security researcher who stopped a global ransomware attack admitted to police that he wrote the code of a malware that targeted bank accounts, US prosecutors said during a hearing on Friday, but his attorneys said that he planned to plead not guilty.

Marcus Hutchins, the 23-year-old hailed as a hero for stopping the WannaCry ransomware attack, is accused of helping to create, spread and maintain the banking trojan Kronos between 2014 and 2015 and is facing six counts of hacking-related charges from the US Department of Justice (DoJ), according to a recently unsealed indictment.

A judge ruled on Friday that Hutchins -- who had been in Las Vegas for the annual Def Con hacking conference -- could be released on $30,000 bail. The judge said the defendant was not a danger to the community nor a flight risk and ordered him to remain in the US with GPS monitoring.

Dan Cowhig, the prosecutor, argued in federal court that Hutchins should not be freed because he is a "danger to the public," adding: "He admitted he was the author of the code of Kronos malware and indicated he sold it."

As part of a sting operation, undercover officers had bought the code from Hutchins and his co-defendant, who is still at large, Cowhig said in court. The prosecutor said there is also evidence from chat logs between Hutchins and the co-defendant, revealing that Hutchins complained about the money he received for the sale.

After the hearing, Adrian Lobo, Hutchins' defense attorney, said: "We intend to fight the case."

She added: "He has dedicated his life to researching malware, not to trying to harm people."

The attorney also told reporters that Hutchins' supporters were raising money for his bond and that he should be released on Monday.

"He has tremendous community support, local and abroad and in the computer world."

She declined to comment on the specifics of the charges, but said he was "completely shocked" by the indictment and that he was "in good spirits."

The DoJ charges relate to the Kronos malware, which is a type of malicious software used to steal people's credentials, such as internet banking passwords.

According to the indictment, Hutchins' co-defendant advertised the malware for sale on AlphaBay, a darknet marketplace, and sold it two months later. The indictment did not make clear if the malware was actually sold through AlphaBay.

US and European police eventually seized servers for the marketplace, which was shut down on 20 July.

Hutchins, known on Twitter as @MalwareTechBlog, gained a reputation as an " accidental hero " in May for halting the global spread of the WannaCry ransomware attack. WannaCry infected hundreds of thousands of computers worldwide in less than a day, encrypting their hard drives and asking for a ransom of $300 in bitcoin to unlock the files. The cyberattack wreaked havoc on organisations including the UK's National Health Service, FedEx and Telefónica.

The cybersecurity researcher, working with Darien Huss from security firm Proofpoint, found and inadvertently activated a "kill switch" in the malicious software.

The kill switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to -- just as if it was looking up any website -- and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading.

Hutchins noticed the domain was unregistered and so bought it for $10.69, not knowing what it did at the time. It immediately started registering thousands of connections every second.

"The intent was to just monitor the spread and see if we could do anything about it later on. But we actually stopped the spread just by registering the domain," he told the Guardian at the time.

The WannaCry malware ended up affecting more than 1m computers, but experts estimate that without Hutchins' intervention it could have infected 10-15m computers. Hutchins was given a special recognition award at the cybersecurity SC Awards Europe for his role in halting the malware.

Lobo and the US attorney's office did not immediately respond to requests for comment on Friday.

© 2017 Guardian Web under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN COMPUTING

NETWORK SECURITY SPOTLIGHT
A computer programmer who created malware used to hack the Democratic National Committee during the 2016 U.S. presidential race has become a cooperating witness in the FBI's investigation.

SCI-TECH TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.