Researcher Who Stopped WannaCry Arrested in US After Def Con...

"Why Is the FBI Really Going After the Researcher Who Stopped WannaCry?

An attempt to connect the dots between the FBI's surveillance tools, WannaCry, Marcus Hutchins, and Kronos..."

https://motherboard.vice.com/en_us/...rcus-hutchins-wannacry-kronos-legal-explainer

 

Yes I agree, it would be a shame to waste all of this talent. Just look at his blog, he explains everything in a very clear way, quite impressive.

 

"Marcus Hutchins ["The WannaCry Hereo"] was coerced into admitting to cyber charges, his lawyers claim

Hutchins sleep-deprived and intoxicated at the time of his arrest, claim his lawyers...

[H]is legal team claim that the authorities have mishandled his case.

They have filed a motion demanding that the FBI hand over withheld evidence...

'The defense believes the requested discovery will show the government was aware of Mr. Hutchins' activities while he was in Las Vegas, including the fact that he had been up very late the night before his arrest, and the high likelihood that the government knew he was exhausted and intoxicated at the time of his arrest,' claimed his lawyers in a motion filed on Friday.

His legal team also claim that investigators failed to properly read him his 'Miranda' rights, encouraging him to sign them away rather than keeping quiet until a defense lawyer was appointed to represent him..."

https://www.computing.co.uk/ctg/new...-admitting-to-cyber-charges-his-lawyers-claim

 

Guess this guy still hasn't come to trial yet. He might not be getting back to the UK for some time.

 

Interesting Article on Marcus Hutchins

https://www.schneier.com/blog/archives/2018/03/interesting_art_1.html

 

The current younger generation should be educated about this in school because this kind of thing is going to happen to them if they ever acheive anything in life, the kinds of things they did as teenagers and forgot about will be used against them if they had ever discussed it on the internet.

 

Marcus Hutchins faces hearing today, 4/19/18, in U.S. ‘WannaCry’ case

"MILWAUKEE — A British cybersecurity expert currently living in Los Angeles who was once heralded as a hero for stopping the WannaCry worldwide computer virus is due in a Milwaukee courtroom Thursday, where he will ask the judge to toss statements he made to the FBI after his arrest for allegedly writing and distributing malicious software use to steal banking passwords...

...court documents prosecutors filed Wednesday seeking to preserve Hutchins’ post-arrest statements include new revelations. For example, prosecutors say Hutchins signed a consent form allowing the FBI to search his backpack, phones, and laptops and that he “was lucid and answered many detailed questions” during a nearly two-hour interview with agents.

Hutchins’ defense attorneys are trying to get those statements suppressed, saying he was sleep-deprived...and that he didn’t fully understand Miranda warnings because he’s a foreigner...

In the new court filings, prosecutors also say Hutchins knew he was being recorded when he made two phone calls in which he 'made multiple incriminating statements … including writing the code for the banking Trojan and compiling malware binaries and sending to someone....

It wasn’t initially clear why the case was filed in Wisconsin, but prosecutors say in the court documents filed Wednesday that Hutchins is suspected to have sold the Kronos software to someone in the state. He also “personally delivered” the software to someone in California, prosecutors say..."


https://www.mercurynews.com/2018/04...ty-expert-faces-hearing-in-u-s-wannacry-case/

 

Well it is quite a mess the fellow is stepped in to, no question about that.

This particular ordeal (in my opinion) parallels reminders of those old tell all capers where satisfactory cooperation with authorities led to a witness protection program. If the dude is sharp and learned enough (and acceptable to experts in the field) it might would be better for both sides for an option to program for the good guys?

However in the current political climate and the boy being a foreign citizen, i'm just going to venture a guess consideration will be given from what they managed to learn from what was shared but still gets some form of a penalty, maybe a small one?

This is an interesting situation on so many levels.

 

Marcus Hutchins' case delayed

"Attorneys for a British cybersecurity expert credited with stopping a computer virus have been given more time to prepare for arguments on whether to suppress statements he made to the FBI after his arrest on criminal indictment.

Attorneys for Marcus Hutchins asked for a continuance Thursday because prosecutors alerted them Wednesday night that they planned to present details of jailhouse phone calls they say are incriminating..."

https://www.foxbusiness.com/features/the-latest-british-cybersecurity-experts-us-case-delayed

 

"Phonecall where hacker discussed writing code that became banking malware released by US prosecutors

The Devon computer expert who helped shut down the WannaCry cyber attack on the NHS discussed once writing software that was turned into banking malware, it has emerged.

A call transcript shows Marcus Hutchins said he had written code as a youngster that was then turned into malicious software that US prosecutors say harvested banking details...

Hutchins said: 'So I wrote code for a guy a while back who then incorporated it into a banking malware, so they have logs of that, and essentially they want to know my part of the banking operation or if I just sold the code on to some guy... once they found I sold the code to someone, they wanted me to give them his name, and I don't actually know anything about him."

Hutchins also said that logs of an online chat showed he had also given software called "compiled binary" to someone "to repay a debt" of "about five grand"..."

https://www.devonlive.com/news/devon-news/phonecall-hacker-discussed-writing-code-1572110

 

"British researcher hailed for killing 'WannaCry' worm charged in second indictment

Marcus Hutchins, a British cybersecurity researcher awaiting trial in the U.S. for felony hacking charges, was named in a superseding indictment Tuesday with new counts including lying to investigators.

The four new criminal counts filed by prosecutors in the U.S. Attorney’s Office for the Eastern District of Wisconsin add to the six unsealed last summer...

Prosecutors this week brought three new hacking charges against Mr. Hutchins as well as one count of lying to investigators in violation of federal law...

Separate from Kronos, prosecutors now allege Mr. Hutchins also sold and developed “UPAS KIT,” another type of malware marketed to “install silently and not alert antivirus engines,” according to the updated indictment. Mr. Hutchins allegedly created UPAS Kit and gave it to someone identified in the indictment as “Individual A” who in turn sold it in July 2012 to a person located in the Eastern District of Wisconsin, prosectors said Tuesday...

Prosecutors also alleged in the new indictment that Mr. Hutchins and Individual A later worked together on Kronos and conspired to monetize the malware by promoting it with a YouTube video. The two maintained Kronos through at least February 2015, according to the indictment, when Mr. Hutchins allegedly discussed updating it during an internet chat with a third person identified in the indictment as “Individual B.”...

'Spend months and $100k+ fighting this case, then they go and reset the clock by adding even more [expletive] charges like ‘lying to the FBI’,' Mr. Hutchins said Wednesday through his Twitter account. 'Legal and emotional pressure doesn’t really work on me, why not save a couple of years and try waterboarding instead?'..."

https://www.washingtontimes.com/news/2018/jun/6/marcus-hutchins-british-researcher-hailed-killing-/

"...Moments after the charges were filed, Hutchins sent tweets asking for donations for his defense..."

https://www.washingtonpost.com/busi...4e693b38637_story.html?utm_term=.902ef3000cf2

 

Appears the dude just keeps "digging a deeper legal hole" for himself. If he just "co-operated" in the beginning and "spilled his guts" to investigators, he would be back in the U.K. sleeping in his own bed.

 

His comments about waterboarding seem to imply the FBI believes he knows something they want to know too and he is not telling.

 

We see and seen weird before, but this one goes off the charts. Why not dish out the whole ordeal and been done with it, take the medicine, and sleep nights.

Dude may of could been invited to do the productive thing and earn a modest living from it. At the very least as stated it would have been completed and he could go back to his life.

 

"Ego" drives hackers. Also the "defense fund" crap hasn't helped matters. It has just further "enabled" him to believe he "can beat this wrap" since after all, someone else is paying for his legal defense.

 

I think ego is driving both sides.

 

WannaCry Hero’s New Legal Woes Spell Trouble for White Hat Hackers

https://www.wired.com/story/wannacry-hero-marcus-hutchins-new-legal-woes-white-hat-hackers/

 

Here is a "must read" for anyone who is interested in the Hutchins case:

"DOJ Stacks Charges On MalwareTech, Including Stuff Put Out Of Reach By The Statute Of Limitations..."

https://www.techdirt.com/articles/20180609/12224539999/doj-stacks-charges-malwaretech-including-stuff-put-out-reach-statute-limitations.shtml?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+techdirt/feed+(Techdirt)

 

Couldn't agree more with that assessment.

However one side has the upper hand to the final outcome if the law of averages still prevail.

 

@hawki yes I agree that is a must read.
It should be clear to everyone(if it wasnt already) that this is not a case of law enforcement doing their job, which should just have been to investigate whether Hutchins had anything to do with wannacry.

This is a case of victimization and I still believe Wannacry was a covert operation to attack legacy Windows systems so die hard organizations would upgrade to W10 machines over which they have full surveillance capabilities and Hutchins screwed it all up.

Someone has to be directing the investigation into Hutchins and allocating the kind of resources it takes to dig the dirt on someone that has been targeted to be taken down. THAT is what should be being investigated.

 

Hutchins moves to toss hacking charges
July 13, 2018
https://www.theregister.co.uk/2018/07/14/security_roundup_july_13/

 

MalwareTech loses bid to suppress damning statements made after days of partying
Researcher said statements he made after taking intoxicating substances should be thrown out
February 14, 2019
https://arstechnica.com/tech-policy...mning-statements-made-after-days-of-partying/

 

MalwareTech's Judge Seems More Sympathetic to Hutchins about the Intent of Prosecution than the Law
February 17, 2019
https://www.emptywheel.net/2019/02/...ic-on-the-intent-of-prosecution-than-the-law/

 

If it is true that Stadtmueller did see that prosecuting Hutchins seems stupid, pretty soon after that he should have realized the FBI don't do stupid and therefore there has to be more to this than meets the eye. I hope during the trial it is revealed that WannaCry was a covert government operation to attack Windows legacy systems so that die hard users and organizations would update to the latest surveillance infested Windows 10 systems and Hutchins screwed it up for them by identifying the wannacry off switch. By registering the sinkhole domain, he could have been receiving data from WannaCry that was meant for whoever was running the operation and if that data was incriminating it may have been the reason he was targetted because when he was arrested, the FBI went all out to prevent Hutchings from having any further access to that domain, but now if you read the report the FBI agent was telling him the investigation was not about wannacry so that is already contradictory.

 

That's possible, certainly.