Ethical Hacker Guilty Of Malware Attacks

British cyber security researcher Marcus Hutchins has pleaded guilty to two charges related to malware attacks used to steal details from US-based banking systems, court documents show. The programmer from Ilfracombe, Devon, has been in FBI custody since being detained at a Las Vegas airport on 2 August 2017.

Since entering his plea, Hutchins, who goes by the Twitter handle MalwareTech, said in a statement accepting the charges that he “regrets these actions and accept full responsibility for my mistakes.”

If found guilty, he faces up to five years in a US federal prison and fines totaling $250,000, although both the prosecution and defense teams have shown a willingness to accept a plea deal giving him a lighter sentence. Whilst his stock across the Atlantic might be that of a criminal, in the UK he is seen as a hero in online security circles.

In May 2017, Hutchins was instrumental in detecting and activating the kill-switch in the ransomware program known as WannaCry, which crippled software systems in over 150 countries. Targeting networks using outdated Microsoft operating systems, those typically used by most government agencies, the software encrypted entire databases and demanded a ransom for their safe return.

Among the worst affected was the British NHS public health system, which suffered total shutdown of a third of its hospitals and 8% of its GP surgeries, costing nearly $120 million in damages over the space of just a week.

Using his background in hacking private servers, Hutchins discovered a patch that stopped the ransomware spreading to other networks on a server that could then be used as a platform to attack other networks. Microsoft quickly installed the patch and the worm quickly disappeared.

But before his role as hero of the hour, and aged just 18, Hutchins developed and distributed the virus Kronos which was then sold to an anonymous buyer using the name Aurora123.

For three years between July 2012 and August 2015, the malware was used to steal information from privately protected computers in America, including bank details and transactions. Because of his previous good deeds, the case has received significant publicity.

His supporters point to him being a minor when he developed the code that eventually ended up in the Kronos malware, that he only realised his mistake when he reverse-engineered said code, and that the five-year statute of limitations on the original crime has passed.

The FBI, for their part, have a raft of evidence to the contrary. Under interrogation, during which the defense team claim their client was manipulated into providing a false confession, Hutchins admitted creating the password-hacking program used by Kronos. They also have a MalwareTech blog post which explicitly tells readers how to hack CAPTCHA-protected passwords and so infiltrate networks, which is exactly what happened.

For his part, the accused is not shying away from his own guilt. His statement continues: “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

How exactly he plans to do that from behind the walls of a federal prison remains to be seen, but by cultivating his image of the teenage bad boy done good, he is sure to be welcomed back to the cyber intelligence community with open arms.

Unlike other perpetrators of similar attacks recently, Hutchins is unlikely to be made an example of. Once his sentence is served, whatever that may be, an extradition back home and a lengthy US travel ban await. Beyond that, Hutchins will emerge as one of the most famous and eminent faces in the battle to shore up cyber defense. Not bad for an 18-year-old trying to steal passwords out of a bedroom in his parents’ house.

By Jackson Mardon-Heath
