Security researcher who stopped WannaCry pleads guilty to own malware
The security researcher who discovered the WannaCry ransomware kill switch but was arrested for creating his own malware now pleads guilty. In exchange for a 2015 malware plea guilty, other charges are dropped.
Marcus Hutchins, also known by the username MalwareTech, discovered after analyzing the WannaCry malware that it was contacting a domain name that had not yet been registered. He decided to find out what would happen if he did and the result was that the ransomware stopped its march across the world. The malware did a lot of damage, and Hutchins’ discovery was highly valued. This was in May of 2017.
However, the British Hutchins was arrested three months later in Las Vegas by the FBI. This on suspicion of creating, distributing and managing the Kronos banking malware between 2012 and 2015. More charges were later added, including creating the malware Upas Kit and lying to the FBI.
Hutchins now pleads guilty on two fronts: being part of a conspiracy to create and distribute malware. In return, prosecutors drop eight other charges. ZDNet writes this on the basis of documents that they have obtained and published. Hutchins also publishes his confession on his own website. “I regret these actions and take full responsibility for them. Since becoming an adult, I have only used these skills for constructive purposes,” the 24-year-old man wrote.
Hutchins had always vehemently denied guilt, claiming that the FBI had questioned him while he was exhausted and under the influence of alcohol. The officers also allegedly misled him about the true purpose behind the interrogation. The results of that interrogation, however, still ended up in court as evidence. Hutchins faces up to five years in prison and a fine of up to $250,000 for each charge he now pleads guilty to.
The WannaCry ransomware has caused hundreds of millions of dollars in damage. The Windows vulnerability it exploited was actually already patched by Microsoft, but WannaCry still managed to take root thanks to systems lagging behind updates.