Sunday, June 15, 2025
HomeComputer SecurityWannaCry Hero Marcus Hutchins(MalwareTech) Pleads Guilty to Developing a Banking Malware

WannaCry Hero Marcus Hutchins(MalwareTech) Pleads Guilty to Developing a Banking Malware

Published on

SIEM as a Service

Follow Us on Google News

WannaCry hero, Marcus Hutchins, pleads guilty for writing banking malware UPAS Kit and Kronos, prior to years he started his career as malware analyst.

He is known for registering the killswitch domain in 2017 which halted the WannaCry ransomware infection process.

According to the court documents obtained by ZDNet, he pleaded guilty to two counts, one for creating and distributing malware and another count for aiding in distribution, other eight counts have been dismissed.

- Advertisement - Google News

Hutchins faces up to five years in prison, fines up to $250,000 and up to one year of supervised release.

He published a short statement on his website

“As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I missed several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

He got arrested a few months after the WannaCry attack when he was returning to the UK after attending the Def Con security conference.

During his bail time he shared his malware analysis skills with infosec community, he published various in-depth malware analysis methods including the first look of NSA Reverse Engineering Tool Ghidra.

The case was processed slowly for more than a year as many researchers unwilling to accept his role in Kronos malware campaign. The case shocked the infosec community, as he honored as a hero in stopping the WannaCry ransomware infection.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Miner Malware Uses Multiple Propagation Methods to Infect Windows Machines and to Drop Monero Miner

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...