Ethical Hacker Guilty Of Malware Attacks

British cyber security researcher Marcus Hutchins has pleaded guilty to two charges related to malware attacks used to steal details from US-based banking systems, court documents show. The programmer from Ilfracombe, Devon has been in FBI custody since being detained at a Las Vegas Airport in August 2017 on 2 August 2017.

Since entering his plea Hutchins, who goes by the Twiitter handle MalwareTech said in a statement accepting the charges that he “regrets these actions and accept full responsibility for my mistakes.”

If found guilty, he faces up to five years in a US federal prison and fines totaling $250,000 although both the prosecution and defense teams have shown a willingness to accept a plea deal giving him a lighter sentence. Whilst his stock across the Atlantic might be that of a criminal, in the UK he is seen as a hero in online security circles.

In May 2017, Hutchins was instrumental in detecting and activating the kill-switch in the ransomware programming known as Wannacry which crippled software systems in over 150 countries. Targeting networks using out-dated Microsoft operating systems, those typically used by most government agencies, the software encrypted entire databases and demanded a ransom for their safe return.

Among the worst affected was the British NHS public health system, which suffered total shutdown of a third of its hospitals and 8% of its GP surgeries costing nearly $120 million in damages over the space of just a week.

Using his background in hacking private servers, Hutchins discovered a patch that stopped the ransomware spreading to other networks on a server that could then be used as a platform to attack other networks. Microsoft quickly installed the patch and the worm quickly disappeared.

But before his role as hero of the hour, and aged just 18, Hutchins developed and distributed the virus Kronos which was then sold to an anonymous buyer using the name Aurora123.

For three years between July 2012 and August 2015, the malware was used to steal information from privately protected computers in America, including bank details and transactions. Because of his previous good deeds, the case has received significant publicity.

His supporters point to him being a minor when he developed the code that eventually ended up in Kronos malware, that he only realised his mistake when he reverse-engineered said code and that the 5 year statute of limitations has passed on when he committed the original crime.

The FBI for their part has a raft of evidence to the contrary. Under interrogation, during which the defense team claim their client was manipulated into providing false confession, Hutchins admitted creating the password-hacking programming used by Kronos. They also have a Malwaretech blog post which explicitly tells readers how to hack CAPTCHA protected passwords and so infiltrate networks, which is exactly what happened.

For his part, the accused is not shying away from his own guilt. His statement continues that “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

How exactly he plans to do that from behind the walls of a federal prison remains to be seen by cultivating his image of the teenage bad-boy done good is sure to be welcomed back to the cyber intelligence community with open arms.

Unlike other perpetrators of similar attacks recently, Hutchins is unlikely to be made an example of. Once his sentence is served, whatever that may be, an extradition back home and a lengthy US travel ban await. Beyond that, Hutchins will emerge as one of the most famous and eminent faces in the battle to shore4 up cyber defense. Not bad for an 18-year old trying to steal passwords out of a bedroom in his parent’s house.

By Jackson Mardon-Heath

You Might Also Read: 

Preventing Another Wannacry:

 

« The CIA's Cloud Contract Is Worth Billions
Cognitive Science Can Explain Why Fake News Works »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

Kuratorium Sicheres Österreich (KSO)

Kuratorium Sicheres Österreich (KSO)

KSO is an independent non-profit association that has set itself the goal of making Austria safer as a national networking and information platform for topics of internal security.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Herzing College

Herzing College

Herzing College Ottawa offers an accelerated 12-month Cybersecurity Specialist training program. This program is developed by industry experts and based on leading IT security certifications.

Protelion

Protelion

The Protelion Security Platform is uniquely architected to deliver security solutions that combine greater protection, flexibility, and performance.

Tenable

Tenable

Organizations around the world rely on Tenable to help them understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.

Mercury Systems

Mercury Systems

Mercury Systems is the leader in making trusted, secure mission-critical technologies profoundly more accessible to aerospace and defense.

Awareness Software Limited (ASL)

Awareness Software Limited (ASL)

As Hosting Specialists, Awareness Software offer practical and affordable hosting solutions including backup and disaster recovery and a range of cybersecurity services.