Home / Archive / Arrested WannaCry Hero Denies Distributing Kronos Malware

Arrested WannaCry Hero Denies Distributing Kronos Malware

Last Updated March 4, 2021 4:58 PM
Lester Coleman
Last Updated March 4, 2021 4:58 PM

Marcus Hutchins, a British cyber security expert who helped stall the WannaCry cyber attack and was recently arrested in Las Vegas on charges of distributing Kronos malware, has denied the charges, according to the BBC .

Hutchins’ lawyer Adrian Lobo said she intends to fight the case in Wisconsin. She presented the judge letters she said showed support for her client who has never had legal problems in the U.K. or U.S.

U.S. prosecutors claim Hutchins has admitted to creating software that gathers bank details.

Hutchins was granted $30,000 bail, but was not able to pay on Friday.

The defendant’s mother, Janet Hutchins, said she doubted her son’s involvement since he has spent a lot of time fighting malware.

Hutchins Caught in Sting Operation

Prosecutors told the judge Hutchins was caught in a sting operation when undercover agents purchased code from him. They said the software was bought in June 2015 for $2,000 in digital currency.

Prosecutor Dan Cowhig said Hutchins confessed during a police interview, saying he wrote the code for and sold the Kronos malware.

Cowhig said there is evidence of chat logs between Hutchins and an unnamed co-defendant who has not been arrested in which a security researcher complained about not getting a fair share of the money.

Judge Nancy Kobbe waived a claim from a government lawyer that the cyber-security expert posed a risk to the public since he had gone shooting on a gun range frequented by tourists.

Lobo said Hutchins claims he was not the author of the malware and that he would plead not guilty to all of the charges. The charges date from July 2014 to July 2015.

Hutchins Shocked by Charges

Lobo said Hutchins was completely shocked by the charges. She said he came for a work-related conference and was fully expecting to return home and had no reason to fear going to or leaving the United States.

In May, Hutchins found a “kill switch” to halt the WannaCry ransomware attack that struck the NHS and organizations in 150 countries.

He was hailed as an “accidental hero” after he registered a domain name to track the virus, a move that eventually stopped it.

Hutchins works for Kryptos Logi, a Los Angeles-based computer security firm, and was in Las Vegas to attend the Def Con and Black Hat cyber-security conferences.

He was arrested at the Las Vegas airport right before he was supposed to fly home.

District judge Nancy Koppe ordered his release on bail since he had no criminal history and because the allegations dated back two years.

Friends and family were not able to raise the bond money, however, so he will not be released until Monday at the earliest.

Under the conditions of the bail, he does not have access to the Internet and he must stay in Clark County, Nevada, and within the Eastern District of Wisconsin, where he is scheduled to appear in court on Tuesday.

He must also surrender his passport and be monitored by GPS.

Also read: FBI Arrests WannaCry Kill Switch Creator in Vegas

Hutchins’ Role in Malware Questioned

Robin Edgar, an IT security consultant, said Hutchins’ code was incorporated into the malware, but he had done nothing wrong.

Edgar told the BBC Radio 4’s Today program Hutchins was unhappy his code was stolen and used in Kronos. He said Hutchins didn’t write Kronos, but wrote a piece of code that was used in the malware.

Peter Heaton-Jones, Hutchins’ MP in North Devon, U.K., said he shared the shock of the local community over the charges.

Heaton-Jones wrote to Foreign Office minister Sir Alan Duncan seeking assurance that Hutchins is getting adequate consular assistance.

Heaton-Jones acknowledged the U.K. cannot interfere with U.S. court proceedings, but that people who know him in Ilfracombe and in the cyber community are astounded by the allegations.

The Electronic Frontier Foundation said it was deeply concerned with the arrest.

Naomi Colvin of the civil liberties campaign group Courage said Hutchins did the world a great service when he stopped the WannaCry attack.

Featured image from Shutterstock.