An online legal defense fund for Marcus Hutchins, the 23-year-old British researcher who stopped the worldwide WannaCry ransomware attack only to be arrested by the FBI when he visited the US, is scheduled to be shut down on Tuesday.
Tor Ekeland, a New York City-based defense lawyer who frequently represents accused hackers, hosted the fundraiser after GoFundMe refused to host one, citing its terms of service. Ekeland said he halted the fund for Hutchins, who on Monday pleaded not guilty to all six charges against him, because of repeated attempts to donate to it using fraudulent credit card numbers.
“Some numbnut decided to run a script,” Ekeland told BuzzFeed News. “It basically tried to use a bunch of fraudulent or stolen credit card numbers, which my payment processor picked up. So we have to sort through what donations were legitimate and which were fraudulent."
Hutchins' role in stopping one of the worst ransomware attacks in history, coupled with his youth, shyness, skill, and potentially heavy sentence, has endeared him to many in the cybersecurity industry. Nearly 100 people have donated small amounts of bitcoin to his defense fund. Plenty of others have donated via credit card — though it will be unclear how many, or how much money was contributed, until Ekeland can finish sorting through which charges were real, he said.
Once the legitimate credit card payments are sorted from the fraudulent ones, Ekeland said, he’ll honor his end of the bargain — taking processing fees and taxes, then paying for Hutchins’ legal fees and donating any leftover money to the Electronic Frontier Foundation, a nonprofit that supports online rights.
Tarah Wheeler, an associate of Hutchins who helped arrange the fund, told BuzzFeed News she plans to create a replacement soon.
Hutchins is scheduled to next appear in court in October.