A cybersecurity researcher known for helping stop the global spread of the WannaCry ransomware variant has pleaded guilty to computer hacking crimes related to the creation of banking malware.
Marcus Hutchins, a British cybersecurity researcher also known by his Twitter handle “MalwareTech,” was accused of writing malware known as Kronos in 2014. According to a 2017 indictment, Hutchins allegedly created and updated Kronos while another unidentified person sold the malware on dark web marketplace AlphaBay and other cybercrime forums.
Kronos was designed to steal log-in credentials and other financial information from online banking websites that are accessible via Internet Explorer, Mozilla Firefox and Google Chrome.
Hutchins’ arrest made waves in the cybersecurity community after he was detained by FBI agents at McCarran International Airport in Las Vegas following the 2017 DEF CON security conference. Days later, he pleaded not guilty in federal court in Milwaukee. His trial was expected to begin this summer.
The two counts that Hutchins pleaded guilty to Friday each carry up to five years in prison, $250,000 in fines, and a year of supervised release.
Hutchins posted a brief statement on his blog about the plea: “As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”
In May 2017, Hutchins activated a ‘kill switch’ in the code of WannaCry, stopping the ransomware variant from further spreading across global networks. WannaCry infected critical infrastructure including hospitals, telecommunications companies, and other organizations in over 150 countries, including the United Kingdom, Turkey, Spain, Russia, Germany, Vietnam and the United States. If not for Hutchins’ contribution, WannaCry could have infected a larger number of systems across the globe.
You can read the full plea below.