$30K Bail Set for British Hacker Who Helped Stop Global WannaCry Ransomware Attack - NBC Connecticut
National & International News
The day’s top national and international news

$30K Bail Set for British Hacker Who Helped Stop Global WannaCry Ransomware Attack

A grand jury indictment charged Marcus Hutchins with creating and distributing malware known as the Kronos banking Trojan

    processing...

    NEWSLETTERS

    'Ransomware' Cyberattack 'WannaCry' Ebbs, But Experts See Risk of More

    The cyberattack that took computer files hostage around the world appeared to slow on Monday as authorities worked to catch the extortionists behind it — a difficult task that involves searching for digital clues and following the money. Charlie Wojciechowski reports.

    (Published Monday, May 15, 2017)

    A Las Vegas federal judge set bail of $30,000 on Friday for a celebrated young British cybersecurity researcher accused by U.S. prosecutors of creating and distributing malicious software designed to steal banking passwords.

    The attorney for Marcus Hutchins, who has broad support in the information-security community, said the 23-year-old hacker would contest the charges. She said he would not be released until Monday because there wasn't enough time to post bail after Friday's afternoon ruling.

    Hutchins is due in federal court in Milwaukee on Tuesday.

    The U.K. resident gained overnight fame with quick thinking in May when he helped curb the spread of the WannaCry ransomware attack that had crippled thousands of computers worldwide.

    Bill Cosby Arrives to Court for Sentencing

    [NATL] Bill Cosby Arrives to Court for Sentencing

    Bill Cosby arrived at the Montgomery County Courthouse early Monday, where a judge will decide if the 81-year-old comedian will go to prison as a result of his sexual assault conviction.

    (Published Monday, Sept. 24, 2018)

    Much of the cybersecurity community rallied around Hutchins after his arrest Wednesday, calling him a principled, ethical hacker.

    The conditions of his release came as a relief for his supporters.

    "This is excellent news," said Nicholas Weaver, a computer scientist at the University of California at Berkeley. "The indictment is remarkably shallow even by indictment standards, which is disappointing because it adds considerable uncertainty and fosters distrust with the general security community."

    Las Vegas-based attorney Adrian Lobo said money for Hutchins' bond would come from a variety of supporters and family in the U.S. and abroad.

    Weaver said federal prosecutors and the FBI were making a mistake by not providing more details about the crimes it alleges Hutchins committed. "Having more information would act to reassure the larger security community that is so critical for fighting online crime," he said.

    Magistrate Judge Nancy Koppe said Hutchins is not a danger to the community and has sufficient community support to not be a flight risk.

    She ordered him to surrender his passport and said he could fly to Wisconsin, where he was indicted last month, without identification.

    Hutchins did not enter a plea at Friday's hearing. He was arrested while preparing to return home from the Def Con convention for computer security professionals.

    He stands accused of creating and distributing malware known as the Kronos banking Trojan. Such malware infects web browsers, then captures usernames and passwords when an unsuspecting user visits a bank or other trusted location, enabling cybertheft.

    Computer law expert Tor Ekeland described the evidence in the case so far as flimsy.

    "This is a very, very problematic prosecution to my mind, and I think it's bizarre that the United States government has chosen to prosecute somebody who's arguably their hero in the WannaCry malware attack and potentially saved lives and thousands, hundreds of thousands, if not millions, of dollars over the sale of alleged malware," Ekeland said.

    The indictment alleges that Hutchins and another defendant — whose name was redacted — conspired between July 2014 and July 2015 to advertise the availability of the Kronos malware on internet forums, sell the malware and profit from it. The indictment also accuses Hutchins of creating the malware.

    Cancer Patient's Christmas Decorations Vandalized

    [NATL] Cancer Patient's Christmas Decorations Vandalized
    Neighbors in Colerain Township, Ohio, rallied to help when someone slashed the Christmas decorations of a 2-year-old with terminal cancer.
    (Published Thursday, Sept. 20, 2018)

    Programs, however, can often include code written by multiple programmers. Prosecutors might need to prove that Hutchins wrote code that targeted specific institutions.

    U.S. Justice Department officials on Friday declined to answers questions about the case. The FBI's Milwaukee field office, which led the 2-year investigation, didn't return requests for comment.

    Ekeland said that what is notable to him from the indictment is that it doesn't allege any financial loss to any victims — or in any way identify them. Besides that, laws covering aspects of computer crime are unclear, often giving prosecutors broad discretion.

    "The only money mentioned in this indictment is ... for the sale of the software," he said.

    Jake Williams, a respected cybersecurity researcher, said he found it difficult to believe Hutchins is guilty. The two men have worked together on various projects, including training material for higher education for which the Briton declined payment.

    Hutchins lives with his family in the town of Ilfracombe, England, and worked out of his bedroom.

    Koreas Strike Nuclear Site Deal, With US Condition

    [NATL] North, South Korea Strike Nuclear Site Deal, With US Condition

    North and South Korea reached a deal to shut down North Korea’s main nuclear site - on one condition.

    (Published Wednesday, Sept. 19, 2018)

    His mother, Janet, who has been frantically trying to reach her son, said she was "outraged" by the arrest and that it was "hugely unlikely" her son was involved because he spends much of his time combatting such attacks.

    Back in May, the curly-haired computer whiz and surfing enthusiast discovered a so-called "kill switch" that slowed the unprecedented WannaCry outbreak.

    He then spent the next three days fighting the worm that crippled Britain's hospital network as well as factories, government agencies, banks and other businesses around the world.

    Though he had always worked under the moniker of MalwareTech, cracking WannaCry led to the loss of his anonymity and propelled him to cyber stardom. There were appearances and a $10,000 prize for cracking WannaCry. He planned to donate the money to charity.

    "I don't think I'm ever going back to the MalwareTech that everyone knew," he told The Associated Press at the time.

    Bajak reported from Houston and Matt O'Brien from Providence, Rhode Island. AP writer Danica Kirka in London contributed to this report.