Security researcher Marcus Hutchins, also known by his online alias ‘MalwareTech’ has entered a plea of not guilty against charges he created the Kronos banking trojan. Hutchins entered the plea in a Milwaukee, Wis. federal courthouse on Aug 14.
Hutchins was first arrested on Aug. 2 as he attempted to return to his home in the U.K. after spending a week in Las Vegas for the Black Hat and DefCon security conferences. U.S. law enforcement officials arrested Hutchins in connection with a six-count U.S. Department of Justice indictment alleging that Hutchins and an unnamed co-conspirator created and sold the Kronos banking trojan.
In an Aug. 4 hearing in a Las Vegas courthouse, Assistant U.S. Attorney for the Department of Justice, Dan Cowhig stated that, “in an interview following his arrest, Mr. Hutchins admitted that he was the author of the code that became the Kronos malware and admitted that he had sold that code to another.” Hutchins was subsequently released on a $30,000 bond and formally entered a plea of not guilty to the charges in an Aug. 14 hearing.
Hutchins is now awaiting trial, which is currently set for October. The court ordered Hutchins to remain in the U.S. and to be tracked by a GPS monitoring device while he awaits trial.
“I’m still on trial, still not allowed to go home, still on house arrest; but now I am allowed online. Will get my computers back soon,” Hutchins wrote in a Twitter message following his court appearance.
His attorney Marcia Hoffman issued a brief statement on the case after Hutchins Aug. 14 court appears. “Marcus Hutchins is a brilliant young man and a hero,” Hoffman said. “He is going to vigorously defend himself against these charges and when the evidence comes to light, we’re confident that he will be fully vindicated.”
Hoffman is well known in the security researcher community for her work with the Electronic Frontier Foundation (EFF) where she has been a collaborator on various projects since May 2013. In an Aug. 2013 talk at the Black Hat USA conference, Hoffman provided an overview on the legal implications of security research and the Computer Fraud and Abuse (CFAA) act.
Hutchins shot to international notoriety in mid-May for his work in stopping the WannaCry ransomware outbreak. Hutchins was credited by the UK National Cyber Security Centre with discovering that WannaCry was reaching to a specific un-registered web domain to determine if it should continue spreading. Hutchins bought the so-called “kill switch” domain, slowing down the spread of the initial variants of the WannaCry malware.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.