Marcus Hutchins, known as the WannaCry hero, is a British cybersecurity researcher currently awaiting trial in the US for allegedly selling and distributing banking malware. Hutchins is now facing fresh charges of lying to investigators.
Four new criminal counts have been filed by prosecutors in the US Attorney’s Office for the Eastern District of Wisconsin today. In these new charges, FBI says that Hutchins lied about creating the banking malware, Kronos, and conspiring with others to promote in on online platforms. He was previously facing six counts for felony hacking charges. In total, he is now facing ten charges after today's revised grand jury indictment.
In today's filing, prosecutors have also accused Hutchins of creating and distributing another malware called UPAS Kit that was designed to collect people's credit card information.
These new charges come after Hutchins' attorneys requested a federal judge to supress the statements that he had made to the FBI when they had detained him last year during his visit to the US to attend a security conference. Hutchins' attorneys argue that at the time he was “sleep-deprived and intoxicated” and was “coerced” by the FBI into a confession. They also said that being a non-American he wasn't made aware of his rights.
Critics call FBI's new charges against Hutchins "problematic and meritless"
Hutchins who goes by the Twitter handle MalwareTechBlog has been tweeting about his prosecution and life in America. Following these fresh new charges, Hutchins tweeted:
"Legal and emotional pressure doesn’t really work on me, why not save a couple of years and try waterboarding instead?"
In another tweet, he wrote: "Spend months and $100k+ fighting this case, then they go and reset the clock by adding even more bullshit charges like 'lying to the FBI'."
One of his attorneys called these new charges "meritless" and "bullshit," adding that they "highlight the prosecution’s serious flaws."
The doubling down on the MalwareTech case is bad form, and does and will continue to do serious damage to US interests.
Its clear why they arrested when they did (UK doesn't extradite hackers because the 'But Aspy' defense), but now, come on. https://t.co/vhYH1J4jwd
— Nicholas Weaver (@ncweaver) June 6, 2018
Hutchins rose to global fame when he accidentally found a kill switch to the devastating WannaCry ransomware attack that brought some of the biggest businesses and the healthcare industry of the UK to a halt. The ransomware reportedly affected businesses and personal computers in over a hundred countries. Since then, Australia, US, and the UK have blamed it on North Korea.
Hutchins was flying back to his country after attending DefCon when the FBI arrested him at the Las Vegas International Airport last August. He has pled not guilty to creating and distributing Kronos. Currently free on bail, he is stuck in the US awaiting trial. On the previous six counts of creating and distributing Kronos, the British cybersecurity expert was facing a maximum 40 years in prison. It is unclear if the recent charges will add more to that potential sentence.