Independent journalist Marcy Wheeler has written a summary of the current state of the case against Marcus Hutchins. Marcus is also known online as MalwareTech and came into the spotlight last year for stopping another global outbreak of more Microsoft Windows malware.
In short, she covers the following five points about the case:
- Motion for a Bill of Particulars with respect to CFAA charges [...]
- Challenge to Seventh Count (CFAA) [...]
- Motion to dismiss the whole damn indictment [...]
- Motion to dismiss wiretapping because Congress never intended to charge foreigners with wiretapping and none of the rest of this happened in the United States [...]
- Motion to compel the identity of Randy [...]
Marcus was arrested last year after attending a security conference inside the US.
Earlier on SN:
Marcus Hutchins, WannaCry-Killer, Hit With Four New Charges by the FBI (2018)
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con (2017)
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS (2017)
NSA-created cyber tool spawns global ransomware attacks
Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia and the U.S., with Russia among the hardest-hit countries.
The unique malware causing the attacks - which has spread to tens of thousands of companies in 99 countries, according to the cyber firm Avast - have forced some hospitals to stop admitting new patients with serious medical conditions and driven other companies to shut down their networks, leaving valuable files unavailable.
The source of the world-wide digital assault seems to be a version of an apparent NSA-created hacking tool that was dumped online in April by a group calling itself the Shadow Brokers. The tool, a type of ransomware, locks up a company's networks and holds files and data hostage until a fee is paid. Researchers said the malware is exploiting a Microsoft software flaw.
One or more anti-virus companies may have been hacked prior to WannaCrypt infecting 75000 Microsoft Windows computers in 99 countries. First, anti-virus software like Avast fails to make HTTP connections. Second, five million of ransomware emails are rapidly sent. Although many centralized email servers were able to stem the onslaught, many instances of anti-virus software had outdated virus definitions and were defenseless against the attack. Indeed, successful attacks were above 1%. Of these, more than 1% have already paid the ransom. Although various governments have rules (or laws) against paying ransom, it is possible that ransoms have been paid to regain access to some systems.
Also, file scrambling ransomware has similarities to REAMDE by Neal Stephenson. Although the book is extremely badly written, its scenarios (offline and online) seem to come true with forceful regularity.
Telefónica reportedly affected. NHS failed to patch computers which affected US hospitals in 2016. 16 divisions of the UK's NHS taken offline with aid of NSA Fuzzbunch exploit. The fun of a public blockchain is that ransom payments of £415,000 have been confirmed. Cancellation of heart surgery confirmed. Doctors unable to check allergies or prescribe medication. Patient access to emergency treatment denied in part due to hospital telephone exchange being offline.
It also appears that one of the affected parties refused to answer a Freedom of Information request in Nov 2016 about cyber-security due to impact on crime detection. Similar parties provided responses to the same request.
Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, has been arrested by the FBI over his alleged involvement in another malicious software targeting bank accounts.
According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.
The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft word documents, and hijacks credentials like internet banking passwords to let its user steal money with ease.
[...] Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.
Also covered by the BBC: NHS cyber-defender Marcus Hutchins charged in US.
Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information.
Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference in Las Vegas for his alleged role in creating and distributing Kronos between 2014 and 2015.
Kronos is a Banking Trojan designed to steal banking credentials and personal information from victims' computers, which was sold for $7,000 on Russian online forums, and the FBI accused Hutchins of writing and promoting it online, including via YouTube.
Hutchins pleaded not guilty at a court hearing in August 2017 in Milwaukee and release on $30,000 bail.
However, earlier this week, a revised superseding indictment [PDF] was filed with the Wisconsin Eastern District Court, under which Hutchins faces four new charges along with the six prior counts filed against him by the FBI a month before his arrest.
According to the new indictment, Hutchins created a second piece of malware, known as "UPAS Kit," and also lied to the Federal Bureau of Investigations (FBI) when he was arrested and questioned last year in Las Vegas.
[...] As the news on the revised indictment broke, Hutchins, who has repeatedly denied any illegal activity, called the charges "bullshit" and appealed to his Twitter followers for donations to cover legal costs.