Expert Hacker Spared Jail

The British computer expert who helped shut down the WannaCry cyber-attack on the NHS said he is “incredibly thankful” after being spared jail in the US for creating malware. 

Marcus Hutchins was hailed as a hero in May 2017 when he found a “kill switch” that slowed the effects of the WannaCry virus which affected over 300k computers in 150 countries worldwide

But the 25-year-old, from the seaside resort of Ilfracombe in Devon, was arrested by FBI agents in a Las Vegas airport months later after attending a hacking convention.

In April, 25-year-old Marcus Hutchins pleaded guilty to two charges of making malicious software, or malware. Prosecutors alleged that the malware let cyber-criminals steal online banking details from internet users. Hutchins admitted to creating two programs known as Kronos and UPAS Kit.Since Hutchins' arrest in 2017, he has remained in the US on bail. 

The judge presiding at Hutchins' hearing, JP Stadtmueller, said that the 25-year-old would face one year of supervised release.

Hutchins, known online as MalwareTech, tweeted on Friday 26th July: “Sentenced to time served! Incredibly thankful for the understanding and leniency of the judge, the wonderful character letter you all sent, and everyone who helped me through the past two years, both financially and emotionally.”

He had pleaded guilty to two charges relating to writing malware, which court documents have described as “malicious computer code” known as Kronos.

The documents said: “The malware was designed to target banking information and to work on many types of web browsers, including Internet Explorer, Firefox and Chrome. Since 2014, Kronos has been used to infect numerous computers around the world and steal banking information.”

Hutchins, who had faced up to 10 years in prison, tweeted before his hearing: “Heading into court now. No matter what happens, I love y’all.” 

Writing earlier this year on his website, he said of his acts: “I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

Guardian:         BBC

You Might Also Read:

WannaCry Has Not Gone Away:

 

 

 

 

« Malware Delivery Via LinkedIn
GDPR Requires Better Methods Of Authentication »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Computer Laboratory - University of Cambridge

Computer Laboratory - University of Cambridge

Computer security has been among the Laboratory’s research interests for many years, along with related topics such as cryptology

L J Kushner & Associates

L J Kushner & Associates

L.J. Kushner is a leading Information Security recruiting firm.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Fluency Security

Fluency Security

Fluency is the only Security Analytics & Orchestration (SAO) solution that automates correlation, detection, validation and ongoing tracking.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

VU Security

VU Security

VU is a specialist in Cybersecurity software development with a focus on the prevention of fraud and identity theft.

netfiles

netfiles

netfiles offers highly secure data rooms for sensitive business processes and secure data exchange.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

EuraTechnologies

EuraTechnologies

EuraTechnologies, the French incubator and accelerator, is a centre of excellence and innovation for startups and entrepreneurs with a focus on Digital, Data, Cybersecurity and IoT.

Cyber Security Advisor

Cyber Security Advisor

Notice how sophisticated the cybersecurity market is. Think how would you pick the security provider, assess your company, and be sure of your security decisions? Cyber Security Advisor is the answer!

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

SecureTech360

SecureTech360

SecureTech360 is a cybersecurity and IT consulting firm whose principals have extensive experience in Cybersecurity and Information Technology.

Custodia Continuity

Custodia Continuity

Custodia Continuity manage your Security, Backup, Continuity and Compliance. You get on with your business.

Endor Labs

Endor Labs

Endor Labs gives developers and security teams the context they need to prioritize open source risk.

Glasstrail

Glasstrail

Glasstrail are single-minded about helping organisations gather intelligence and manage vulnerabilities in their attack surface before adversaries exploit them.