WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Trial scheduled for October

By John Leyden


Marcus Hutchins, the WannaCry kill-switch hero, has today pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin.

The court took the unusual step of relaxing the the 23-year-old's bail terms, allowing him to access the internet and work again. He will also be able to live in Los Angeles, where his employer is based. Hutchins is, however, obliged to surrender his passport and will be required to wear a tracking device until his trial, which has been scheduled for October.

"Marcus Hutchins is a brilliant young man and a hero," said Marcia Hofmann, founder of Zeigeist Law, outside the court house. "He is going to vigorously defend himself against these charges and when the evidence comes to light we are confident that he will be fully vindicated."

The change in bail conditions is interesting. Usually computer crime suspects are instructed to stay offline completely, but the only restriction on Hutchins is that he can't visit the WannaCry server domain.

Hutchins became the toast of the infosec world when his actions helped limit the spread of the WannaCry ransomware, which affected NHS hospitals and numerous other organisations worldwide in May.

Hutchins attended the Black Hat and DEF CON conferences in Las Vegas earlier this month only to be arrested before boarding his flight back home to the UK.

US authorities allege he created Kronos, a banking trojan. Hutchins' lawyers previously indicated he intended to deny charges during an earlier bail hearing.

"We are very pleased today that the court modified his terms to allow him to return to his important work," said his lawyer Brian Klein, partner at Baker Marquart LLP.

Hutchins faces six charges related to the development and distribution of Kronos. A second, unnamed defendant features on the same rap sheet. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Don't open that malware mail from the Feds that's not from the Feds, Feds warn

US elections watchdog says it's OK to spend surplus campaign cash on cybersecurity gear

Congresscritters now have one less excuse for getting pwned

Estonian ex-foreign sec urges governments: Get cosy with the private sector on cybersecurity

Black Hat Marina Kaljurand thinks the days of going it alone are over

CISA's Palace: Congress backs new cybersecurity nerve-center for cyber-America's cyber-future

CISA heads off for Trump's signature – no, not that CISA, the good one

FBI to World+Dog: Please, try turning it off and turning it back on

Feds trying to catalogue VPNFilter infections

FBI agents take aim at VPNFilter botnet, point finger at Russia, yell 'national security threat'

Feds warn admins malware is rather tough to destroy

Google Play Store spews malware onto 9 million 'Droids

How did these get through the net?

FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

We meant 1,000. Maybe 2,000

Fancy Bear still Putin out new modules for VPNFilter malware

Talos turns up obfuscation, lateral attacks, and proxies