SoylentNews is people
SoylentNews
Submission Preview
No Jail Time for “WannaCry Hero”
Story automatically generated by StoryBot Version 0.2.2 rel Testing.
Storybot ('Arthur T Knackerbracket') has been converted to Python3
Note: This is the complete story and will need further editing. It may also be covered
by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.
FeedSource: [Krebs]
Time: 2019-07-29 22:10:48 UTC
Original URL: https://krebsonsecurity.com/2019/07/no-jail-time-for-wannacry-hero/ [krebsonsecurity.com] using UTF-8 encoding.
Title: No Jail Time for “WannaCry Hero”
--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---
No Jail Time for “WannaCry Hero”
Arthur T Knackerbracket has found the following story [krebsonsecurity.com]:
Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm. Image: twitter.com/malwaretechblog
The British security enthusiast enjoyed instant fame after the U.K. media revealed he’d registered and sinkholed [wikipedia.org] a domain name that researchers later understood served as a hidden “kill switch” inside WannaCry [wikipedia.org], a fast-spreading, highly destructive strain of ransomware which propagated through a Microsoft Windows exploit [wikipedia.org] developed by and subsequently stolen from the U.S. National Security Agency.
In August 2017, FBI agents arrested then 23-year-old Hutchins on suspicion of authoring and spreading the “Kronos” banking trojan and a related malware tool called UPAS Kit. Hutchins was released shortly after his arrest, but ordered to remain in the United States pending trial.
Many in the security community leaped to his defense at the time, noting that the FBI’s case appeared flimsy and that Hutchins had worked tirelessly through his blog to expose cybercriminals and their malicious tools. Hundreds of people donated to his legal defense fund.
In September 2017, KrebsOnSecurity published research [krebsonsecurity.com] which strongly suggested Hutchins’ dozens of alter egos online had a fairly lengthy history of developing and selling various malware tools and services. In April 2019, Hutchins pleaded guilty [krebsonsecurity.com] to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.
At his sentencing hearing July 26, U.S. District Judge Joseph Peter Stadtmueller said Hutchins’ action in halting the spread of WannaCry was far more consequential than the two malware strains he admitted authoring, and sentenced him to time served plus one year of supervised release.
“When it comes to matter of loss or gain,” Wheeler wrote, quoting Judge Stadtmeuller. “the most striking is comparison between you passing Kronos and WannaCry, if one looks at loss & numbers of infections, over 8B throughout world w/WannaCry, and >120M in UK.”
“This case should never have been prosecuted in the first place,” Wheeler wrote. “And when Hutchins tried to challenge the details of the case — most notably the one largely ceded today, that the government really doesn’t have evidence that 10 computers were damaged by anything Hutchins did — the government doubled down and issued a superseding indictment that, because of the false statements charge, posed a real risk of conviction.”
Hutchins’ conviction means he will no longer be allowed to stay in or visit the United States, although Judge Stadtmeuller reportedly suggested Hutchins should seek a presidential pardon, which would enable him to return and work here.
“Incredibly thankful for the understanding and leniency of the judge, the wonderful character letter you all sent, and everyone who helped me through the past two years, both financially and emotionally,” Hutchins tweeted [twitter.com] immediately after the sentencing. “Once t[h]ings settle down I plan to focus on educational blog posts and livestreams again.”
Tags: Judge Joseph Peter Stadtmueller [krebsonsecurity.com], Kronos banking malware [krebsonsecurity.com], Marcus Hutchins [krebsonsecurity.com], Marcy Wheeler [krebsonsecurity.com], UPAS Kit [krebsonsecurity.com]
I thought it said “time served” instead of “no jail time.” Does anyone know how much time he had already served?
I wouldn’t say that he was completely unpunished.
He was on monitored release.
He would have served time in custody from his arrest to his arraignment. At arraignment, he would have been released on his own recognizance, or bail would have been set by the court, and he was released on posting of whatever amount the court had set.
Not to minimize his incarceration, but it is unlikely he was locked up more than a few days.
But still Ross Ulbricht is doing a life sentence while this guy goes free ?
One word to describe this guy “Snitch” that’s how you don’t go to prison now and days.
Ross was involved in selling hard drugs and tried to have people murdered, slightly more serious crimes.
Can he now be prosecuted and/or sued in UK for his part in finacial cyber crimes by the victims and banking institutions? He was a hero here and around the world for one malware but also a villian in UK to milluons fir another that could bring the real pain for him….legal fees alone would be devastating.
Lets hope that when he goes back to the UK, he is held to account for his crimes
“It’s not whether you are guilty or innocent. It’s what they can prove.”
Click image for my skimmer series.
A New York Times Bestseller!
Badguy uses for your PC
Tools for a Safer PC
Spammers Duke it Out
Your email account may be worth far more than you imagine.
eBanking Best Practices for Businesses
Innovations from the Underground
ID Protection Services Examined
The reasons for its decline
File 'em Before the Bad Guys Can
A crash course in carding.
Sign up, or Be Signed Up!
Finding out is not so easy.
...For Online Safety.
© 2019 Krebs on Security.
Powered by WordPress [wordpress.org].
Privacy Policy [krebsonsecurity.com]
-- submitted from IRC
