Researcher Who Stopped WannaCry Arrested in US After Def Con...

Discussion in 'other security issues & news' started by hawki, Aug 3, 2017.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    One thing that is notable is the British security services are aware of the situation. Nor have there been any public statements against the prosecution by the British government on this issue. It could very well be he was under surveillance in the U.K. and when it was learned he was headed for the U.S., they jointly agreed to let the U.S. prosecute him.

    Working for an IT security firm would be the ideal cover for a hacker. Also a bit suspicious from day one in regards to the WannaCry incident was that a young obscure security analyst "discovered" a way to disable WannaCry in its early stages. Makes one believe that he was somehow "privy" to the inner workings of the malware prior to its deployment.
     
  2. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    News3LV Reporter's twitter feed has more details:

    https://twitter.com/ChristyNews3LV

    "Christy Wilcox (Verified account) @ChristyNews3LV

    Among @MalwareTechBlog release provisions NO internet access, must wear GPS monitoring, no contact w unknown co-defendant"
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    That's pretty low bail. Probably because "he's already spilling his guts" to the Feds. Expect the Dark Web is in panic mode over what and who "he will finger."

    Actually, he might have been safer in jail.
     
  4. plat1098

    plat1098 Guest

    I know, right? I didn't think he was framed, maybe the charges were played with, I dunno. Thanks, hawki, for clarifying that he possibly did profit from the deployment of his malware, one article stated "damage to the devices." ?. Plus, from the perspective of a commoner, how can you paint a malware coder and purveyor as a paragon of innocence and heroism? He's in big trouble outside the legal context; he's dealing with a big unknown vis-à-vis WannaCry and the Feds for that matter. Maybe he should stay, you know, indoors. He can't even change his appearance and identity, can he?
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    "WannaCry-killer Marcus Hutchins released on bail after Feds accused him of crafting malware...

    ...Handing $3,000 to a bail bondsman will see him able to leave jail...

    Prior to the hearing, Hutchins filed a motion to allow him to appear in court without wearing full shackles...he appeared in a yellow detainee jumpsuit and orange Crocs.

    Local news reported that prosecutors cited Hutchins' recent trip to a gun range as proof that he should be denied bail and kept in jail...

    However, prosecutors are also claiming that Hutchins has admitted to writing malware, according to AP. That sounds bad, and it is, but there could be an explanation.

    In April 2014, well before Kronos hit, Hutchins put up a blog post entitled 'Coding Malware for Fun and Not for Profit (Because that would be illegal).' In it he explained how to write a bootkit for Windows XP, but took steps to make sure it was next to useless..."

    https://www.theregister.co.uk/2017/08/04/30k_bail_for_marcus_hutchins/
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    :eek:. Now that's unexpected!
     
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    The funding for the bail will be coming from supporters world-wide.

    Hutchins will not be released until Monday -- hearing ended at 4:30 and court clerk's office closed at 5:00 not allowing sufficient time to source bail money.

    Hutchins vehemently denied all charges.

    Interview with Hutchins lawyer:

    https://www.facebook.com/ChristyNews3LV/videos/1746478715365613/

    "...Hutchins will appear at a court in Wisconsin, where the case was filed, on August 8."

    http://www.zdnet.com/article/wannacry-researcher-pleads-in-banking-malware-case/

    Full detailed Associated Press Report:

    http://www.chicagotribune.com/news/nationworld/ct-hacker-malware-marcus-hutchins-20170804-story.html
     
    Last edited: Aug 4, 2017
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    "...As part of a sting operation, undercover officers had bought the code from Hutchins and his co-defendant, who is still at large, [Prosecutor] Cowhig said in court. The prosecutor said there is also evidence from chat logs between Hutchins and the co-defendant, revealing that Hutchins complained about the money he received for the sale..."

    https://www.theguardian.com/technology/2017/aug/04/wannacry-marcus-hutchins-kronos-malware-arrest

    NB: Re: "bought the code from Hutchins and his co-defendant," -- The Prosecutor likely bought banking trojan code directly only from the co-defendant and is using the concept of conspiracy to attribute the sale to Hutchins as well. Hutchins is denying all allegations. Highly unlikely that the plant engaged in a three-way chat with the co-defendant and Hutchins to negotiate the sale.

    Re: "Hutchins complained about the money he received for the sale." For the sale of what? The sale of Kronos in the sting or the sale of code to the co-defendant?

    "...[Hutchins] admitted in a police interview he created a code which harvests bank details [not specifically Kronos] and "indicated" [?] that he sold it, a prosecutor told his US court hearing."

    http://www.telegraph.co.uk/news/201...rcus-hutchins-admitted-creating-code-harvest/
     
    Last edited: Aug 4, 2017
  9. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    I really find it hard to believe that such a talented guy would go for a quick buck, but guess we will find out. I mean, why would he damage his reputation? Just look at his blog, this kid is almost a genius.
     
  11. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Sting operation, that's code for yep, they set out to nail him.
    He probably should have bought himself a $100 LLC while in Vegas...
    As for indicting him for selling wiretapping devices, has anyone considered that if a computer program that intercepts digital communications is an illegal wiretapping device, can you imagine how much illegal software is out there right now, and how the judge's decision in this case could affect the anti-malware industry?
     
    Last edited: Aug 5, 2017
  12. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
  13. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    The article says,
    I wonder if anyone in "the community", in their state of confusion, remembers another teenager who was caught doing his own little bit of computer hacking, to a corporate web server no less. His punishment was only to be banned from using a computer for a year. That kid's name was, Bill Gates.
     
    Last edited: Aug 7, 2017
  14. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Definitely a "high-powered" outfit: https://torekeland.com/ . Wonder if he will keep the PD around? She definitely "brightened up the surroundings."
     
  16. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    Maybe so, but his big clients have a tendency to be found guilty and go to prison (but I guess he knows the law :) ):

    "Tor Ekeland is a New York–based lawyer. In 2013, he was the lead counsel for weev [Andrew "weev" Auernheimer] during the AT&T iPad email address leak legal case, in which weev was jailed and subsequently released.** This case is considered to be one of the most important Computer Fraud and Abuse Act cases in recent times. In 2013, Ekeland represented Matthew Keys **** in a hacking case in which he was subsequently found guilty..."

    https://en.wikipedia.org/wiki/Tor_Ekeland

    **
    The subsequent release of Andrew "weev" Auernheimer was on a legal technicality after he had spent more than a year in jail, i.e., -- an appeals court found that the Government had filed his case in the wrong venue/jurisdiction.

    https://en.wikipedia.org/wiki/Goatse_Security#AT.26T.2FiPad_email_address_leak

    ****
    "...In April of 2016, [Matthew] Keys was sentenced to two years in prison following his felony conviction under the CFAA for providing the Anonymous hacktivist group with unauthorized access to the Los Angeles Times website following his dismissal in 2010 from Tribune-Co; the parent company for both KTXL and the Los Angeles Times...."

    https://en.wikipedia.org/wiki/Matthew_Keys
     
    Last edited: Aug 7, 2017
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Well, he defended Matthew Keys who could have received a max. sentence of 25 years and instead got two years. Suspect he's already out of prison on an early release?
    https://www.wired.com/2016/04/journalist-matthew-keys-sentenced-two-years-aiding-anonymous/
     
  18. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    Yeah, I guess there's only so much a lawyer can do for a guilty as charged defendant other than obtaining a verdict of innocent.

    Definitely agree that it would be nice if Hutchins' Las Vegas lawyer got more "face" time. :) In addition to her optics [ 00 ] she was very impressive.
     
    Last edited: Aug 7, 2017
  19. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    I will say this to people outside the U.S. on how things work here. It is an almost certainty that Hutchins will be found guilty. The only thing in question will be what his actual sentence will be.

    When the FBI presents its evidence to a federal prosecutor, it is "air tight." Their investigations take years to develop; not months which is the norm for local and state conducted investigations. If there is any doubt in the FBI's mind that their evidence will not succeed in a court conviction, they won't present it for prosecution.

    Since Hutchins is charged with a felony, it will depend on what degree it is. The higher degree felonies all require mandatory jail time. His WannaCry mitigation "hero status" assuming he was in no way involved in the incident at any stage, could or could not influence a federal judge's sentence. It pretty much depends on the judge and what the sentencing guidelines are he must adhere to. Even if Hutchins was to receive a very reduced or suspended jail sentence, the following could occur. He could be required to remain in the U.S. until his probationary period is over. He could be slapped with a hefty fine in the hundreds of thousands of dollars.
     
  21. plat1098

    plat1098 Guest

    One thing to see is whether the prosecution will bust a hole in the WannaCry angle with some evidence that maybe this wasn't so accidental, that his feat might have been self-serving because of some hidden inside knowledge. The reported means for curbing the WCry spread were so improbable, it's hard not to be skeptical. How come someone else with like talents didn't "blunder" into this magical loophole, only he of all people? He's facing a truly formidable opponent in the FBI.

    Do I want Hutchins to do prison time if truly guilty? Sure do. The hat is white or it is black; you don't wear one over top of the other whenever it suits your purpose. Plus, something about this whole scene stinks.
     
  22. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,549
    Location:
    Triassic
    @hawki and @itman. Would Hutchins benefit if the mystery co-defendant was tried before him?

    I assume they would not try them together. Or would they?
     
  23. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Here's a link to an article where the term "mystery co-defendant" was used: http://randomtopics.org/viewtopic.php?f=61&t=1360. It usually means that the real identity of the person is not known; only that he exists. Possible that is what the FBI is after and Hutchins' "leverage" is what deal he can get from the FBI for revealing who the person is.
     
  24. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,079
    Location:
    DC Metro Area
    Dunno @emmjay -- but hawki has always believed that the FBI's main interest in Hutchins is to get his help in building its case against the unnamed co-defendant who it appears did most of the "active dirty work" aside from writing and updating the code. The FBI was most likely able to nab Hutchins cuz he got caught up in that recent big bust of that dark web site. The FBI likely wants/needs more info about the co-defendant's activities before they nab him. As to his identity, we at least know that he is a legal resident of or has a substantial nexus with Wisconsin. The FBI probably knows who he is and where he is, having put a tail on him before they busted Hutchins.

    The co-defendant is not an "Unnamed Co-Conspirator." The indictment contains a name for him that was redacted. But hawki concedes that @itman could be right about the FBI's not knowing his actual, true, real life identity.
     
    Last edited: Aug 7, 2017
  25. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Yes it does but you are completely missing the point.
    I have been trying to tell you all this for months now.
    The entire industry is corrupt and WannaCry was a marketing tool !!
    Of course Hutchins was not the only one who tested the WannaCry malware and saw it attempting to connect to an internet domain before it installed. ANYONE who tested it would have seen that!!

    I mean seriously I don't wanna be a total **** about it and insult everyone's intelligence but what is it about this you all don't get?
    Hutchins was the only one who was not in on it so he goes ahead and registers the domain it was trying to connect to and ooops poor old Marcus just ruined a lot of people's day and now he's paying the price.
     