WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Trial scheduled for October

By John Leyden


Marcus Hutchins, the WannaCry kill-switch hero, has today pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin.

The court took the unusual step of relaxing the the 23-year-old's bail terms, allowing him to access the internet and work again. He will also be able to live in Los Angeles, where his employer is based. Hutchins is, however, obliged to surrender his passport and will be required to wear a tracking device until his trial, which has been scheduled for October.

"Marcus Hutchins is a brilliant young man and a hero," said Marcia Hofmann, founder of Zeigeist Law, outside the court house. "He is going to vigorously defend himself against these charges and when the evidence comes to light we are confident that he will be fully vindicated."

The change in bail conditions is interesting. Usually computer crime suspects are instructed to stay offline completely, but the only restriction on Hutchins is that he can't visit the WannaCry server domain.

Hutchins became the toast of the infosec world when his actions helped limit the spread of the WannaCry ransomware, which affected NHS hospitals and numerous other organisations worldwide in May.

Hutchins attended the Black Hat and DEF CON conferences in Las Vegas earlier this month only to be arrested before boarding his flight back home to the UK.

US authorities allege he created Kronos, a banking trojan. Hutchins' lawyers previously indicated he intended to deny charges during an earlier bail hearing.

"We are very pleased today that the court modified his terms to allow him to return to his important work," said his lawyer Brian Klein, partner at Baker Marquart LLP.

Hutchins faces six charges related to the development and distribution of Kronos. A second, unnamed defendant features on the same rap sheet. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Don't open that malware mail from the Feds that's not from the Feds, Feds warn

FBI to World+Dog: Please, try turning it off and turning it back on

Feds trying to catalogue VPNFilter infections

FBI agents take aim at VPNFilter botnet, point finger at Russia, yell 'national security threat'

Feds warn admins malware is rather tough to destroy

FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

We meant 1,000. Maybe 2,000

Fancy Bear still Putin out new modules for VPNFilter malware

Talos turns up obfuscation, lateral attacks, and proxies

UK infrastructure failing to meet the most basic cybersecurity standards

We're all doomed

FBI chief asks tech industry to build crypto-busting not-a-backdoor

'You guys can build anything if you put your mind to it' is the gist of the argument

We're Putin our foot down! DHS, FBI blame Russia for ongoing infrastructure hacks

Alert adds detail to 'Dragonfly' cyber-attack disclosed last year

UK infrastructure firms to face £17m fine if their cybersecurity sucks

Oh boy, measures will also cover IT outages