[kictanet] Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI

Julius Njiraini njiraini2001 at gmail.com
Fri Jun 8 11:11:01 EAT 2018


 Marcus Hutchins
<https://thehackernews.com/2017/08/malwaretech-marcus-hutchins.html>, the
British malware analyst who helped stop global Wannacry menace
<https://thehackernews.com/2017/05/how-to-wannacry-ransomware.html>, is now
facing four new charges related to malware he allegedly created and
promoted it online to steal financial information.

Hutchins, the 24-year-old better known as MalwareTech, was arrested by the
FBI <https://thehackernews.com/2017/08/marcus-hutchins-arrested-fbi.html>
last year as he was headed home to England from the DefCon conference in
Las Vegas for his alleged role in creating and distributing Kronos between
2014 and 2015.

Kronos is a Banking Trojan designed to steal banking credentials and
personal information from victims' computers, which was sold for $7,000 on
Russian online forums, and the FBI accused Hutchins of writing and
promoting it online, including via YouTube.
Hutchins pleaded not guilty
<https://thehackernews.com/2017/08/malwaretech-marcus-hutchins.html> at a
court hearing in August 2017 in Milwaukee and release on $30,000 bail.

However, a revised superseding indictment was filed with the Wisconsin
Eastern District Court, under which Hutchins faces four new charges along
with the six prior counts filed against him by the FBI a month before his
arrest.
Marcus Accused of Creating and Selling Another Malware According to the new
indictment, Hutchins created a second piece of malware, known as "*UPAS Kit*,"
and also lied to the Federal Bureau of Investigations (FBI) when he was
arrested and questioned last year in Las Vegas.

As described by prosecutors, UPAS Kit is Spybot virus that "allowed for the
unauthorized exfiltration of information from protected computers" and
"used a form grabber and web injects to intercept and collect personal
information," including credit card details.

UPAS Kit advertised to "install silently and not alert antivirus engines,"
for prices ranged above $1,000 back in 2012.

According to the indictment, Hutchins created UPAS Kit in 2012, when he was
just 18, and sold it online to another unnamed co-defendant identified as
"VinnyK" (aka Aurora123), who was also involved in promoting Kronos.

VinnyK then sold UPAS Kit to another person in Wisconsin in 2012, who
allegedly used the malware to attack computers in the United States.

Two other charges relate to Hutchins "aiding and abetting" the distribution
of invasive code in an attempt to damage "10 or more protected computers,"
and helping others to hack computers for financial gain.

Marcus Appealed to his Followers for Donations to Cover Legal Costs As the
news on the revised indictment broke, Hutchins, who has repeatedly denied
any illegal activity, called the charges "bullshit" and appealed to his
Twitter followers for donations to cover legal costs.

"Spend months and $100k+ fighting this case, then they go and reset the
clock by adding even more bullshit charges like 'lying to the FBI,'"
Hutchins wrote
<https://twitter.com/MalwareTechBlog/status/1004420585869332480?ref_src=twsrc%5Etfw&ref_url=https%3A%2F%2Fwww.cyberscoop.com%2Fmarcus-hutchins-upas-kit-charges-fbi%2F>
on
his Twitter, calling for donations by adding a quote from Starcraft video
game: "We require more minerals."

Hutchins' lawyer Brian Klein called the charges "meritless" and said he
expects his client to be cleared of all charges.

"[We] are disappointed the govt has filed this superseding indictment,
which is meritless," Klein tweeted. "It only serves to highlight the
prosecution's serious flaws. We expect [Hutchins] to be vindicated and then
he can return to keeping us all safe from malicious software."

Hutchins, who is living in Los Angeles on bail, is unable to leave the
United States since last year due to his pending criminal charges.

Hutchins stormed to fame and hailed as a hero earlier last year when
he accidentally
stopped
<https://thehackernews.com/2017/05/wannacry-ransomware-cyber-attack.html> a
global epidemic of the WannaCry ransomware attack
<https://thehackernews.com/2017/05/wannacry-ransomware-unlock.html> that
crippled computers all across the world.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20180608/65d207b4/attachment.htm>


More information about the KICTANet mailing list