Researcher Who Stopped WannaCry Arrested in US After Def Con...

They don't have to do that, they can access your datas whenever they want, even before win10... Not saying, Gov agencies have the brightest hacking minds, no need such little scheme...

I bet if it was a gov operation, they wouldn't be cut so easily by a bystander...

 

Yeah because 9-5 Government employees always do such a great job lol.

The facts speak for themselves.
If you want to, we can assume wannacry itself was not a government operation. So who stopped it? The trillion dollar US Government, or Marcus Hutchins? Marcus analysed wannacry, discovered it was trying to connect to a domain and registered that domain to find out why. At the same time the entire anti-malware industry and the US Government did nothing. So however you look at it, Marcus Hutchins was not just a bystander. His analysis made them all look like amateurs.

 

Do you really think that such big agencies can only recruit low-level people that get own by Mr nobody... Come on...
Not saying, you just theorize about a conspiracy only you imagined:
Agencies helping MS to gain more market shares just to collect more datas... Really?
Govs have more easier and stealthier way to collect your datas.

 

Like I just said, if you want to believe wannacry was not a government covert operation then you have to believe ONLY Marcus Hutchins analysis was able to identify that wannacry was attempting to phone home to a non existant web address and that the entire anti-malware industry and the NSA was not able to do that same analysis and see that?
So you can't have it both ways. Either they are all amateurs at malware analysis compared to Hutchins or they all knew that wannacry was doing but did nothing because they were all in on it.

 

Did you considered maybe they knew about it and waited to get more evidences to catch the culprits on action and the poor dude just blew everything?

I theorize too since we will probably never know the truth.

You know how authorities work, they let pass small things to get the bigger fish.

 

No because if they were waiting for the supposed wannacry criminals to register that domain, the British authorities would have swooped on Hutchins the minute he registered it but you can see from what happened after that, Hutchins never was the wannacry suspect even when he registered that domain to receive the communications from wannacry. That lends more weight to my theory because of course they wouldnt suspect Hutchins of wannacry if they already knew it was a covert government op.

 

"Security researcher MalwareTech pleads guilty

WannaCry hero faces up to ten years in a US prison


Marcus "MalwareTech" Hutchins, the British security researcher known for stopping the WannaCry ransomware outbreak, has pleaded guilty today to writing malware in the years prior to his prodigious career as a malware researcher...

According to court documents obtained by ZDNet, Hutchins pleaded guilty to two counts, and the government agreed to drop the other eight.
He pleaded guilty to entering a conspiracy to distribute malware and aiding and abetting its distribution.

For each count, Hutchins faces up to five years in prison, up to $250,000 in fines, and up to one year of supervised release...

https://www.zdnet.com/article/security-researcher-malwaretech-pleads-guilty/#ftag=RSSbaffb68

 

Now it's what the prosecution recommends for sentencing although U.S, judges have ignored that on a number of occasions.

I suspect something not no harsh since he has publicly admitted his guilt and that he was a "naughty boy" to boot. Plus, he's a U.K. citizen. If he's lucky, he might even be able to serve any prison time in the U.K..

 

Let's hope so, it would be a waste of talent. Of course what he did was wrong, but hopefully he will now use his knowledge to secure systems.

 

FYI:

Hutchins Plea Deal Agreement:

https://www.documentcloud.org/documents/5972658-Marcus-Hutchins-plea-agreement.html

 

No specifics in there as to term recommendations outside of the 5 year established precedent for each charge. So it's pretty much up to the judge.

Also whatever sentence he receives can always be reduced after imprisonment as often happens in federal cases. For example, the sentences on both charges can be set to run concurrently. So he might receive 3 years on each count. Sentences to run concurrently. He serves 18 months or so in a federal "while collar crime" facility; these are actually pretty good places as far as U.S. prisons go. Then he gets an early release on good behavior, blah-blah, and is immediately deported back to the U.K.

 

British Cyber Expert to Be Sentenced for Creating Malware
July 26, 2019
https://www.nytimes.com/aponline/2019/07/26/us/ap-us-cyberattack-fighter-detained.html

 

Internet never forget, play with fire, you will get burn.

 

The lesson to be learned from this incident is prosecution cooperation; profuse published atonement for one's past criminal activity; long elapsed time termination of that activity; and subsequent good deeds (Killswitch), go a long way in sentence determination in the U.S. courts.

Being a British national also goes a long way since he will simply be deported and that will be the end of it as far as the U.S. is concerned.

The big remaining question is if the U.K. will go after him.He also is quite vulnerable to civil litigation from those affected economically by the Kronos malware. All depends on statue of limitations criteria.