WannaCry hero, Marcus Hutchins, pleads guilty for writing banking malware UPAS Kit and Kronos, prior to years he started his career as malware analyst.
He is known for registering the killswitch domain in 2017 which halted the WannaCry ransomware infection process.
According to the court documents obtained by ZDNet, he pleaded guilty to two counts, one for creating and distributing malware and another count for aiding in distribution, other eight counts have been dismissed.
Hutchins faces up to five years in prison, fines up to $250,000 and up to one year of supervised release.
He published a short statement on his website
“As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I missed several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”
He got arrested a few months after the WannaCry attack when he was returning to the UK after attending the Def Con security conference.
During his bail time he shared his malware analysis skills with infosec community, he published various in-depth malware analysis methods including the first look of NSA Reverse Engineering Tool Ghidra.
The case was processed slowly for more than a year as many researchers unwilling to accept his role in Kronos malware campaign. The case shocked the infosec community, as he honored as a hero in stopping the WannaCry ransomware infection.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
Miner Malware Uses Multiple Propagation Methods to Infect Windows Machines and to Drop Monero Miner
Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide
Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability…
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks…
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that…
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been…
Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series…
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox,…