1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

WannaCry buster pleads guilty to creating malware

April 20, 2019

The man hailed as a hero for stopping the WannaCry ransomware attack has been charged with developing malware. Prosecutors said it was "used to infect numerous computers around the world and steal banking information."

Cyber security expert Marcus Hutchins
Image: picture-alliance/AP Photo/F. Augstein

A British cyber security expert who was credited with neutralizing the global WannaCry ransomware attack in 2017 has pleaded guilty to US charges of developing malware.

Federal prosecutors in Wisconsin and Marcus Hutchins' attorneys said in a joint court filing Friday that the 24-year-old agreed to plead guilty to developing malware called Kronos and conspiring to distribute it from 2012 to 2015.

In exchange for his guilty plea to those charges, prosecutors dismissed eight further charges.

'I regret these actions'

"As you may be aware, I've pleaded guilty to two charges related to writing malware in the years prior to my career in security," Hutchins said in a statement on his website.

"I regret these actions and accept full responsibility for my mistakes. Having grown up, I've since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks."

Hutchins faces up 10 years in prison but could receive a more lenient sentence for accepting responsibility, the court filing said. Attorneys said Hutchins was aware he could be deported.

He initially pleaded not guilty to all the charges and was scheduled to go on trial in July. A new trial date has not been set.

Ransomware cyberattack threatens organizations worldwide

Hutchins '"knew it was always going to come back'

Prosecutors said Hutchins made incriminating statements during a two-hour interrogation, and later during a jailhouse phone call that Hutchins was told was being recorded, he told an unidentified person that he "used to write malware" years before.

"I knew it was always going to come back," Hutchins said on the call, but that he didn't "think it would be so soon."

Hutchins was arrested in Las Vegas in August 2017, as he was about to board a flight to England.

Just months earlier he had been hailed a hero for finding a "kill switch" to the WannaCry ransomware attack that crippled computers worldwide.

WannaCry infected hundreds of thousands of computers and caused disruptions at factories, hospitals, shops and schools in more than 150 countries.

Read more: Top 10 mistakes that make life easy for cyber-criminals

Made in Germany - Cybercrime

Kronos software designed to steal banking data

Prosecutors said in court filings that Hutchins sold the Kronos software to someone in Wisconsin and that he "personally delivered" the software to someone in California.

The malware was designed "to intercept communications and collect personal information, including usernames, passwords, email addresses, and financial data" from computers, prosecutors said.

Kronos was "used to infect numerous computers around the world and steal banking information," prosecutors said, without providing an exact number.

It is still unclear how much money Hutchins made from creating the malware, but in online chats the FBI intercepted on November 2014, Hutchins lamented the fact that he had only made $8,000 (€7,100) from five sales.

Hutchins said he thought he would be making around $100,000 annually by selling Kronos with one of his conspirators, who was not named in the indictment.

law/kl (AP, Reuters)

Every evening, DW's editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.

Skip next section Explore more
Skip next section DW's Top Story

DW's Top Story

Ukraine's President Volodymyr Zelenskyy pictured on a visit to assess flooded areas in Kherson
Skip next section More stories from DW
Go to homepage