WannaCry ‘hero’ pleads guilty to hacking charges

April 19, 2019 11:10 PM

Kevin Collier, CNN

Posted: April 19, 2019 11:10 PM

Updated: May 19, 2021 12:49 PM

by Kevin Collier, CNN

Marcus Hutchins, the British hacker who stopped one of the most destructive cyberattacks in the world, has taken a plea deal, admitting guilt in the US to unrelated hacking charges.

Hutchins became a minor celebrity in May 2017, when he stopped the spread of WannaCry, a ransomware worm created by North Korea that had spread wildly out of control in 2017, hitting the UK’s National Health Service especially hard.

A security researcher who blogged about how to hunt malicious software, Hutchins noticed and activated a kill-switch in WannaCry’s code.

Three months later, as he prepared to fly home after visiting Las Vegas during the DEF CON hacker conference, Hutchins was arrested and charged with crimes relating to the creation and sale of malware programs UPAS Kit and Kronos, programs that help steal people’s banking information, along with two other people. Since then, he’s lived in Los Angeles, unable to leave the US.

Until Friday, he denied the charges.

His arrest prompted an outcry in the cybersecurity community, with many highlighting the relatively harsh sentencing guidelines in the US compared to tamer ones in the UK. The difficulty in extraditing a British national suspected of criminal hacking from the UK to the US was highlighted in February 2018, when a British court decided that Lauri Love, accused of hacking several US government websites in 2013, could not be sent to the US to face trial.

Prior to his plea deal, Hutchins faced a total of 10 charges relating to his alleged involvement in the Kronos and UPAS Kit malware programs.

His plea deal cuts that down to two, each related to conspiracy to commit computer fraud, along with an agreement to accept responsibility. The remaining charges will be dismissed upon sentencing.

He faces up to five years in prison, and up to $250,000 in fines, on each count.

He posted a short statement to his website Friday. “As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes,” he wrote.

“Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks,” he said.

WannaCry ‘hero’ pleads guilty to hacking charges

Submit a Tip // Report an Error

Stream News 8 Now

Mobile Apps

Local News

Campbell Police seek community's help in finding missing 15-year-old

Mayo Clinic Health System gives advice on preventing colorectal cancer

La Crosse initiative helps bring attention to dangers of road salt during Salt Awareness Week

Campbell Library to host "Island Ecology Series" for all ages

La Crosse County Library celebrates Hmong culture

Top Stories

Onalaska business owner charged with secretly filming, taking photos of employees in the bathroom

Man charged with imprisoning woman in La Crosse house

Man gets life without parole in UW-Madison student's slaying

Campbell Police seek community's help in finding missing 15-year-old

UW-Richland closure transition plan calls for online focus

Two Black River Falls companies win WisDOT 'Excellence in Construction' awards

WannaCry ‘hero’ pleads guilty to hacking charges

Submit a Tip // Report an Error

Stream News 8 Now

Local News

Top Stories

Most Popular