San Francisco: Marcus Hutchins, the security researcher who helped temporarily stop the WannaCry ransomware bug, has now pleaded guilty to federal charges of creating and distributing malware used to break into online bank accounts. Also Read - WannaCry still lurking around, India also affected: Sophos
“Marcus ‘MalwareTech’ Hutchins, the British security researcher known for stopping the WannaCry ransomware outbreak, has pleaded guilty today to writing malware in the years prior to his prodigious career as a malware researcher,” the ZDNet reported late on Friday. Also Read - Researchers find an Android Ransomware using SMS spam to infect smartphones
He pleaded guilty to entering a conspiracy to create and distribute malware, and in aiding and abetting its distribution. Also Read - India Needs Full-Proof Cybersecurity Ecosystem, Says McAfee
“I regret these actions and accept full responsibility for my mistakes,” Hutchins wrote in a post, according to the ArsTechnica.
The researcher reportedly pleaded guilty to two counts, and the government agreed to drop the other eight. For each count, Hutchins faces up to five years in prison, up to $250,000 in fines, and up to one year of supervised release.
“He was also charged with working with a co-conspirator — identified only as ‘Vinny’, ‘VinnyK’, and ‘Aurora123’ — to advertise and sell the two malware strains online. This happened between July 2012 and September 2015, before Hutchins built a career as a talented security researcher,” the ZDNet report added.
Hutchins, who goes by the online handle MalwareTech, was arrested in August 2017 as he was due to fly back to the UK following the Def Con security conference in Las Vegas.
He was charged for his involvement with creating the Kronos banking malware, dating back to 2014. He was later freed on bail.