A British cybersecurity researcher who helped end the WannaCry attack pleads guilty in a hacking case

April 19, 2019, 20:24 GMT

By Cyrus Farivar and David Ingram

A Briton who gained notoriety in cybersecurity circles by helping to end the WannaCry ransom program's attack in 2017 has agreed to plead guilty in Wisconsin to unrelated hacking charges, reported Friday. a federal court.

The man, Marcus Hutchins, who was arrested by US authorities two years ago, signed an agreement with prosecutors to plead guilty to two of the 10 counts against him by a grand jury, according to a copy of the agreement filed in the US District Court in Milwaukee.

Both charges describe a conspiracy to promote, disseminate and exploit malicious programs known as UPAS Kit and Kronos, as well as an effort to broadcast a device used primarily to surreptitiously intercept electronic communications.

"I regret these acts and accept full responsibility for my mistakes," said Hutchins in a statement posted on his website. "Having grown up, I have been using the same skills that I used a few years ago for constructive purposes. I will continue to devote my time to protecting people against malware attacks. "

A spokesman for the US Attorney's Office in East Wisconsin District declined to comment.

Hutchins, who went through "MalwareTech" online, incurs up to five years in prison for each of the two counts if the plea agreement is accepted by the court, although many accused are sentenced to less than the maximum penalty provided by law. Prosecutors have agreed to give Hutchins the credit for accepting his responsibility, says the plea contract.

The plea agreement also allows a court to require that Hutchins pay compensation.

Hutchins was arrested by the FBI in August 2017 in Las Vegas, where he was among tens of thousands of hackers who had visited the city at the annual cybersecurity conventions known as Black Hat and Def Con, then reported Reuters.

He asked for cash donations for his legal defense, particularly after prosecutors in June 2018 added charges to the initial indictment, Ars Technica reported.

The global attack on the WannaCry ransomware of May 2017 hit computers in more than 150 countries, affecting institutions such as the British Health Service and the German Railways. Last year, the US Department of Justice indicted a North Korean spy for helping to carry out this attack, among other things.

Hutchins was hailed in the media and in cybersecurity circles for helping to end the attack by discovering a so-called interaction switch that slowed the onset of malicious code.