A British cybersecurity researcher hailed as a hero for neutralizing the global WannaCry ransomware attack in 2017 has pleaded guilty to USA charges of writing malware. More charges were later filed over claims that Hutchins created another malware called UPAS Kit, and that he worked with a co-conspirator to advertise and sell the two malware strains online.
"Marcus "MalwareTech" Hutchins, the British security researcher known for stopping the WannaCry ransomware outbreak, has pleaded guilty today to writing malware in the years prior to his prodigious career as a malware researcher", the ZDNet reported late on Friday. In a statement posted on his website, Hutchins said he regrets his actions and takes full responsibility for his mistakes.
The indictment said Hutchins, then 23, and an unidentified accomplice conspired to create and sell malware meant to steal login information and other financial data from online banking sites. Having grown up, I've since been using the same skills that I misused several years ago for constructive purposes.
He was wanted for his role, between 2012 and 2015, in creating and selling a malicious computer code known as Kronos targeting banks to steal personal information, including usernames, passwords, email addresses and financial data, court documents show. Hutchins said in his statement this week that he'll "continue to devote my time to keeping people safe from malware attacks". Each count carries up to five years in prison and up to $250,000 (about £192k) in fines, though the plea agreement states that an "acceptance of responsibility" could contribute to a lighter sentence.
Arrested For Creating And Selling Malwares Hutchins' heroic acts were tarnished when he was arrested by Federal Bureau of Investigation agents in August 2017 at the McCarran International Airport in Las Vegas.
Hutchins has told the Press Association that sentencing is "yet to be scheduled".
The cyber-expert was hailed around the world as a hero in May 2017 when he found a "kill switch" that slowed the effects of the WannaCry virus, which affected more than 300,000 computers in 150 countries.
In 2017, a USA federal grand jury returned a six-count indictment against Hutchins.