Ethical Hacker Guilty Of Malware Attacks

British cyber security researcher Marcus Hutchins has pleaded guilty to two charges related to malware attacks used to steal details from US-based banking systems, court documents show. The programmer from Ilfracombe, Devon, has been in FBI custody since being detained at a Las Vegas airport on 2 August 2017.

Since entering his plea, Hutchins, who goes by the Twitter handle MalwareTech, said in a statement accepting the charges that he “regrets these actions and accept full responsibility for my mistakes.”

If found guilty, he faces up to five years in a US federal prison and fines totaling $250,000, although both the prosecution and defense teams have shown a willingness to accept a plea deal giving him a lighter sentence. Whilst his stock across the Atlantic might be that of a criminal, in the UK he is seen as a hero in online security circles.

In May 2017, Hutchins was instrumental in detecting and activating the kill-switch in the ransomware program known as WannaCry, which crippled software systems in over 150 countries. Targeting networks using outdated Microsoft operating systems, those typically used by most government agencies, the software encrypted entire databases and demanded a ransom for their safe return.

Among the worst affected was the British NHS public health system, which suffered total shutdown of a third of its hospitals and 8% of its GP surgeries, costing nearly $120 million in damages over the space of just a week.

Using his background in hacking private servers, Hutchins discovered a patch that stopped the ransomware spreading to other networks on a server that could then be used as a platform to attack other networks. Microsoft quickly installed the patch and the worm quickly disappeared.

But before his role as hero of the hour, and aged just 18, Hutchins developed and distributed the virus Kronos, which was then sold to an anonymous buyer using the name Aurora123.

For three years between July 2012 and August 2015, the malware was used to steal information from privately protected computers in America, including bank details and transactions. Because of his previous good deeds, the case has received significant publicity.

His supporters point to him being a minor when he developed the code that eventually ended up in the Kronos malware, that he only realised his mistake when he reverse-engineered said code, and that the five-year statute of limitations has passed on when he committed the original crime.

The FBI, for its part, has a raft of evidence to the contrary. Under interrogation, during which the defense team claims its client was manipulated into providing a false confession, Hutchins admitted creating the password-hacking program used by Kronos. They also have a MalwareTech blog post which explicitly tells readers how to hack CAPTCHA-protected passwords and so infiltrate networks, which is exactly what happened.

For his part, the accused is not shying away from his own guilt. His statement continues that “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

How exactly he plans to do that from behind the walls of a federal prison remains to be seen, but by cultivating his image of the teenage bad boy done good, he is sure to be welcomed back to the cyber intelligence community with open arms.

Unlike other perpetrators of similar attacks recently, Hutchins is unlikely to be made an example of. Once his sentence is served, whatever that may be, an extradition back home and a lengthy US travel ban await. Beyond that, Hutchins will emerge as one of the most famous and eminent faces in the battle to shore up cyber defense. Not bad for an 18-year-old trying to steal passwords out of a bedroom in his parents’ house.

By Jackson Mardon-Heath
