"WannaCry Hero" Marcus Hutchins Pleads Not Guilty To Creating Malware

The charges against him have been viewed with skepticism by many cyber researchers since his arrest was announced last month.

Marcus Hutchins, the British cybersecurity researcher who in May stopped the worldwide WannaCry ransomware attack — and then was arrested by the FBI — pleaded not guilty Monday to all six charges against him.

Hutchins, 23, was known only to the public by his pseudonym MalwareTechBlog until May, when the WannaCry ransomware began crippling Windows 7 systems around the world, including a significant number of networks used by the UK National Health Service. He was called a national hero when he analyzed the code and found a kill switch, effectively halting the attack. But the FBI arrested him in July, when he visited Las Vegas during two hacker conferences, and said he helped create and sell Kronos, a little-used malware written to steal banking credentials.

A former Electronic Frontier Foundation attorney who’s working with Hutchins, Marcia Hoffman, told BuzzFeed News that he pleaded not guilty to all six counts.

From the start, the charges were met with skepticism from fellow researchers, some of whom argued that someone who researches malware would, by definition, tinker with malicious code. Orin Kerr, a leading scholar of US hacking laws, openly questioned whether the charges against Hutchins were “too aggressive” and whether the case would lead to a ruling on whether it is a crime to simply create malware.

In an unsealed court transcript, prosecutor Daniel Cowhig claimed both that Hutchins had admitted creating Kronos and expecting to be paid for it and that his unnamed partner, who allegedly sold it on the now defunct dark web black market AlphaBay, was still at large and wanted by the FBI.

Hutchins will be allowed to stay in Los Angeles while he awaits trial, according to Marcy Wheeler, an independent journalist who attended Hutchins’ arraignment. He has worked for cybersecurity firm Kryptos Logic, which is based there. Kryptos didn’t immediately respond to a request for comment.

Skip to footer