The British cybersecurity researcher who rose to fame earlier this summer when he stopped the vicious “WannaCry” malware attack has plead not guilty to the charges which led to his arrest by the FBI two weeks ago over a separate hacking incident.
Marcus Hutchins, 23, who goes by “Malwaretech” online, was arrested and indicted by the FBI on August 2nd while attending the DEF CON hacker convention in Las Vegas. He has been accused of personally creating a malicious malware code called “Kronos” over three years ago. Kronos allegedly was designed to steal access to victim’s banking and credit card information.
Hutchins lawyer said “Marcus Hutchins is a brilliant young man and a hero,” following his first hearing in Wisconsin, where the case is being held. Hutchins gained notoriety in May when he stopped the rapid spread of the “WannaCry” malware, which was causing economic chaos throughout the UK and Europe, by noticing a potential flaw in its code and exploiting it.
After a brief spell of inactivity, Hutchins was back on Twitter posting about his experience yesterday. He wrote “Things to do during defcon: attend parties, visit red rock canyon, go shooting, be indicted by the FBI, rent supercars,” and “I’m still on trial, still not allowed to go home, still on house arrest, but now I am allowed online. Will get my computers back soon.”
It is unclear if Hutchins’ notoriety for his role in stopping WannaCry led investigators towards his alleged role in creating and attempting to sell Kronos.
Supporters of Hutchins’ have attested to his good intentions, saying he has even helped US law enforcement through his research work. Some fear that such critically important “white hat” work, like Hutchins’ stopping the WannaCry attack, will be dissuaded if it results in arrests and jail time. It may encourage hackers to continue working in the shadows, where the line between legal and illegal work is often confusing, and almost always fits a technically illegal definition based off laws currently on the books. Many “white hats” are themselves recovering “black hats,” who may have done work in the past they are not proud of and have stopped in order to avoid jail time.
The indictment says Hutchins worked with another undisclosed person on Kronos. He posted $30,000 bail on August 5th and has been allowed to return to work from Los Angeles.
Image courtesy of Wikipedia