Malware Tech Arrested for Creating the Kronos Banking Trojan Pleads Not Guilty

MalwareTech or MalwareTechBlog known in real life as Marcus Hutchins, the 22-year-old British security expert who gained international recognition after he stopped the WannaCry ransomware outbreak on Monday pleaded not guilty in a US court to charges of creating and distributing the Kronos banking Trojan, a malware which was designed to steal people’s online banking details.

Marcus Hutchins was arrested at the McCarren International Airport in Las Vegas and detained by the FBI in Nevada on August 2nd after attending the Def Con hacking conference and was arrested on Thursday after he was indicted on charges of creating the Kronos banking malware.

According to the indictment, Hutchins “created” the Kronos malware. An unnamed co-defendant, in the indictment, also allegedly sold a version of Kronos in June 2015 on AlphaBay a non-functioning Darknet marketplace which was taken down earlier this year by the FBI.

Hutchins showed up in court in Milwaukee, Wisconsin, for his arraignment on Monday and is out on bail last week after posting a $30,000 bond. He was facing six counts of hacking affiliated charges going back to 2014 and 2015 after he was accused of playing a part in creating Kronos, a type of online banking malware. These charges could have resulted in a prison sentence up to 40 years. He is, however, awaiting his trial, which is scheduled to happen in October.

Conditions under his bail release include Hutchins wearing a GPS tracker but will be granted access to the internet which will enable him to continue to work as a security researcher.

In addition, he cannot contact the unnamed co-defendant mentioned in the FBI’s indictment, authorities will keep his U.K. passport but he will be able to travel to Los Angeles, the home of Kryptos Logic, his employer who hired him a year ago after being his approach to finding, reverse-engineering and analyzing malicious software, caught their eye.

“Marcus Hutchins is a brilliant young man and a hero,” said Marcia Hofmann, his attorney speaking outside the courthouse. “He’s going to vigorously defend himself against these charges and when the evidence comes to light, we are confident he will be fully vindicated.”

According to reports, “The prosecution stated that Hutchins had admitted ‘that he was the author of the code that became the Kronos malware’ when he spoke to FBI agents” in an earlier hearing on the 4th of August in Las Vegas. Kronos, which first appeared in mid-2014 and reportedly sold for $7,000, primarily targeted banks in the United Kingdom and other countries.”

Assistant U.S. Attorney Dan Cowhig, who was present at that hearing, stated “in his interview after his arrest, Mr. Hutchins admitted that he was the author of the code that became the Kronos malware and admitted that he had sold that code to another.

Cowhig added that the U.S. government will provide evidence of some chat logs that allegedly show Hutchins making an agreement with an unknown associate to share the earnings after the Kronos was sold.

Further evidence from the chat logs also allegedly revealed that Hutchins “complaints about the amount of money that he received for the sale of the banking Trojan.”

Earlier in May, Hutchins achieved international prominence as the “hero” who all by his lonesome stopped the worst mass ransomware attack ever recorded. This resulted in over 300,000 computers in 150 countries being infected.

All this happened when he was researching the WannaCry ransomware outbreak when he accidentally came across an alleged “kill switch” in the ransomware, a domain name which was found encoded in WannaCry’s code. He then registered the domain and later discovered that WannaCry would stop running on a computer if the domain was live.

With this series of events happening, Hutchins took to his twitter page to express how he was feeling.

“There are a lot of people I’d like to thank for amazing support over the past 11 days, which I will do when I get a chance to publish my blog,” “I’m still on trial, still not allowed to go home, still on house arrest; but now I am allowed online. Will get my computers back soon.” he wrote in two separate tweets.

Members of the cybersecurity community of which Hutchins was a popular member, has taken to his defense labeling him as a curious and skilled researcher who spent his teenage years writing software as a hobby and also running a tech blog.

His friends have also joined this campaign by putting up a crowdfunding campaign to raise money for legal fees.