from the it's-not-going-his-way dept.
Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information.
Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference in Las Vegas for his alleged role in creating and distributing Kronos between 2014 and 2015.
Kronos is a Banking Trojan designed to steal banking credentials and personal information from victims' computers, which was sold for $7,000 on Russian online forums, and the FBI accused Hutchins of writing and promoting it online, including via YouTube.
Hutchins pleaded not guilty at a court hearing in August 2017 in Milwaukee and release on $30,000 bail.
However, earlier this week, a revised superseding indictment [PDF] was filed with the Wisconsin Eastern District Court, under which Hutchins faces four new charges along with the six prior counts filed against him by the FBI a month before his arrest.
According to the new indictment, Hutchins created a second piece of malware, known as "UPAS Kit," and also lied to the Federal Bureau of Investigations (FBI) when he was arrested and questioned last year in Las Vegas.
[...] As the news on the revised indictment broke, Hutchins, who has repeatedly denied any illegal activity, called the charges "bullshit" and appealed to his Twitter followers for donations to cover legal costs.
Independent journalist Marcy Wheeler has written a summary of the current state of the case against Marcus Hutchins. Marcus is also known online as MalwareTech and came into the spotlight last year for stopping another global outbreak of more Microsoft Windows malware.
In short, she covers the following five points about the case:
- Motion for a Bill of Particulars with respect to CFAA charges [...]
- Challenge to Seventh Count (CFAA) [...]
- Motion to dismiss the whole damn indictment [...]
- Motion to dismiss wiretapping because Congress never intended to charge foreigners with wiretapping and none of the rest of this happened in the United States [...]
- Motion to compel the identity of Randy [...]
Marcus was arrested last year after attending a security conference inside the US.
Earlier on SN:
Marcus Hutchins, WannaCry-Killer, Hit With Four New Charges by the FBI (2018)
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con (2017)
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS (2017)