back to article WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Marcus Hutchins, the WannaCry kill-switch hero, has today pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin. The court took the unusual step of relaxing the the 23-year-old's bail terms, allowing him to access the internet and work again. He will also be able to live in Los …

  1. Oh Homer
    Flame

    "relaxed the ... bail terms"

    Did they also refund the three grand he had to pay in "bail bond fees"?

    1. Anonymous Coward
      Anonymous Coward

      Re: "relaxed the ... bail terms"

      No. Because the US 'justice' system is corrupt.

    2. Anonymous Coward
      Anonymous Coward

      Re: "relaxed the ... bail terms"

      Depends on how you paid the bail. If you use an intermediary, they will want their slice of the cake, of course. Then we can discuss the businesses that are created around the US judiciary system... and how ethical this is.

  2. Anonymous Coward
    Anonymous Coward

    Fucking idiot Yank 'law' enforcement

    That is all.

  3. davenewman

    I thought bail bonds are returnable when he finally surrenders at the court. However, the fees to a bail bondsman to get the loan of the amount are not. At least if Janet Evanovich's explanations in her books are accurate.

    1. AndrueC Silver badge

      If you're wealthy you can pay to regain your freedom and if you aren't convicted it ultimately costs you nothing.

      If you're an average Joe it costs you 10% of your bail to regain your freedom and you don't get it back. So that could be goodbye to all of your savings.

      If you're poor then you're screwed. You just rot in Jail for as long as it takes the system to get around to to trying your case.

      But it gets better. Even being arrested can screw you over. Even if the charges are dropped the arrest record still exists and can haunt you and continue to cause problems. You can have arrest records expunged in some states..for a price.

      To be fair there are RoR schemes in most states and even schemes where the county or state will pay your bond for you. But I've always felt their whole system makes a sad mockery of 'The Land of the Free' :-/

      1. Long John Brass
        Coat

        You seem to have misspelt ...

        But I've always felt their whole system makes a sad mockery of 'The Land of the Free' :-/

        It's land of the Fee not Free.

    2. This post has been deleted by a moderator

      1. Anonymous Coward
        Facepalm

        Re: UK NHS got his because of many vulnerabilities

        "What people don't seem to be discussing yet publicly is the impact of the Broadcom WiFi chips on the Raspberry Pi computers, which the NHS adopted for use in hospitals. This I think explains why the WannaCry malware spread so quickly".

        Excepting WannaCry spread through bugs in Windows Server Message Block (SMB) protocol and the hack had nothing to do with either Raspberry Pi or Broadcom. It utilized a leaked copy of the NSA vuln tool known as Eternalblue, do you remember now, is that billg on the end :)

        1. x 7

          Re: UK NHS got his because of many vulnerabilities

          I'm also an NHS IT contractor and the only pi I've seen on an NHS site was a standalone device monitoring a tropical fish tank

      2. Allan George Dyer Silver badge
        FAIL

        Re: UK NHS got his because of many vulnerabilities

        @leeneubecker - There are too many gaps in your blog and sources to build a credible link between the Raspberry Pi and the NHS outbreak of WannaCry. You say that the Pi has WiFi vulnerable to BroadPwn, but only the Pi 3 and Pi Zero W have built-in WiFi. You say that the NHS has adopted Pis for use in hospitals, but link to an article about a pilot project giving Pis to patients for home monitoring (and no information on whether they use the Pi 3 or PiZero W). You have no statistics on the numbers of vulnerable Pis used in actual hospitals. You have no evidence linking even one incident to a vulnerable Pi. You don't even seem to have tested whether a Pi with built-in WiFi is actually vulnerable.

        Full disclosure: I'm a fan of Pis. I own and use a number of Pis.

        1. rmason

          Re: UK NHS got his because of many vulnerabilities

          I was a contractor doing the windows 7 rollout for my local trust.

          There's not a Pi to be seen in that entire trust, and it was badly effected by wannacry.

          Not to mention the fact, as has been said, we know how wannacry spread, and it was a weakness in windows SMB.

        2. werdsmith Silver badge

          Re: UK NHS got his because of many vulnerabilities

          I don't know why moderator removed the original post about BroadPwn, I'm unable to check the blog but Broadcom issued update (CVE-2017-9417) to fix it and updating the OS on Pi makes BroadPwn go away.

  4. Anonymous Coward
    Anonymous Coward

    Interesting

    Will be interesting what comes out at trial given the near complete relaxation and a condition that seems unrelated to the actual charges in question.

    1. Ucalegon

      Re: Interesting

      Perhaps they've been momentarily stunned by the not guilty plea entered or the co-accused has changed their story?

      1. Uffish

        Re: Interesting

        Perhaps, perhaps, perhaps. All I know is that the whole arrest and publicity circus thing that the Americans put on stank to high heaven.

  5. Ucalegon

    Charging

    Have had a quick look but can't see online the average number of charges brought in these cases. Just wondered if the system had some sort of benchmark for prosecution intimidation based on the number of charges brought against the accused? No idea where on the federal judiciary's system 6 gets you.

  6. Frank Zuiderduin

    The Wannacry server domain?

    He isn't allowed to access what? What sense does that make? How is that related to the charges?

    1. FSM

      Re: The Wannacry server domain?

      I think they're referring to the killswitch domain that Marcus himself bought to stop the vulnerable variants of WannaCrypt from propagating.

      Yes, it's that f**king stupid. It's like adding insult to injury if it actually does mean this. Welcome one and all, except those who help others; f**k them, we'll treat them like terrorists and degrade them, stopping short of actually physically torturing them.

      1. Doctor Syntax Silver badge

        Re: The Wannacry server domain?

        "I think they're referring to the killswitch domain that Marcus himself bought to stop the vulnerable variants of WannaCrypt from propagating."

        Could it be that that's because the NSA are using it for some purpose? C&C server?

    2. Anonymous Coward
      Black Helicopters

      Re: The Wannacry server domain?

      They were afraid he was about to out the actual (insert US agency here) creators of Wannacry.

      That's my conspiracy theory and I'm sticking to it.

  7. Sebastian P.

    Never do this

    One thing I don't get. If USA and UK are such great friends, with such great collaboration between law enforcement agencies, why was it necessary to have him arrested and trialed in USA? The malware he's supposed to have written had an Internet-wide effect. FBI could have passed all the necessary information to their UK colleagues, and the trial could have been held in UK.

    Don't the Americans have confidence in the UK justice system? Or was it more important for "bragging rights" to arrest Marcus in US, to remind the world how badass the Americans are?

    1. onceuponatime

      Re: Never do this

      They can't publish the guilty party for political reasons so they need a well known scapegoat would be my guess.

    2. Anonymous Coward
      Anonymous Coward

      Re: Never do this

      If USA and UK are such great friends, with such great collaboration between law enforcement agencies, why was it necessary to have him arrested and trialed in USA?

      Exactly. I asked that same question the moment I learned of this. I also wondered why they waited until after DEFCON instead of dragging him straight out on arrival.

      1. Knoydart

        Re: Never do this

        He went to Vegas last year and no arrest, and since the Wannacry incident in May, he's been working with NCSC in the UK (the UK CERT at GCHQ) on malware. So it begs the question of why now?

    3. Anonymous Coward
      Terminator

      Re: Never do this

      .. "why was it necessary to have him arrested and trialed in USA? .. Don't the Americans have confidence in the UK justice system"?

      Because: we're not a real country anyway, just a forward missile launching platform in the war against the Soviet Union Russian Federation ..

      1. Anonymous Coward
        Anonymous Coward

        Re: Never do this

        "we're not a real country anyway, just a forward missile launching platform"

        <cough> We've been "Airstrip One" since 1949, surely? Or do I mean 1984?

        1. Teiwaz Silver badge

          Re: Never do this

          <cough> We've been "Airstrip One" since 1949, surely? Or do I mean 1984?

          Come on, at least Airstrip 2.0 since the e-commerce boomp

  8. Anonymous Coward
    Anonymous Coward

    Framed?

    I have to say, I find this all very difficult to believe and it sounds suspiciously like one of Trump's Keystone Cops cock-ups. Has he had a hand in this affair?

    1. Jonathan 27 Silver badge

      Re: Framed?

      Wait, you think transporting the oil via train is safer than through a stabilized pipeline? Are you crazy, or do you just not realize that the oil was being transported either way and the pipeline is just cheaper and safer than the alternative.

      1. Graham Dawson Silver badge

        Re: Framed?

        Keystone cops, not keystone pipeline.

    2. Fred Flintstone Gold badge

      Re: Framed?

      Has he had a hand in this affair? [Trump]

      With his size hands, that would not have had a noticeable impact.

    3. Anonymous Coward
      Anonymous Coward

      Re: Framed?

      While there's plenty of room to blame Trump for stuff he's responsible for, I hardly think he's ever heard of this guy. Not before he was arrested, and still hasn't. A president would have to be a micromanager's micromanager to get involved in something like this.

    4. a_yank_lurker Silver badge

      Re: Framed?

      I doubt Trump is terribly concerned about this. However, the spookhauses have been embarrassed and they want blood. So, find a friendly DA in Vegas, forward some 'evidence' that was cooked up. Then wait for charges. Also, the spookhauses are not terribly fussy about who gets framed, they just want a scalp.

      1. Doctor Syntax Silver badge

        Re: Framed?

        "However, the spookhauses have been embarrassed and they want blood."

        Maybe. But if so I doubt it would be the NSA. He's the one person whose appearance in court could double down on their embarrassment.

    5. hplasm
      Coat

      Re: Framed?

      "Has he had a hand in this affair?"

      Just a little one.

  9. Lewis R

    Why the US/Trump bashing?

    Geez, guys...

    First of all *my* President likely had nothing to do with this (why would he?). Next, there must have been *something* which warranted (pardon the pun) an arrest. I am not for one moment saying that I believe he is guilty (I surely do not have enough information to make such a claim).

    The US system of justice is surely imperfect. Is it any worse than any others on the planet? I couldn't say, but surely, the UK system is also flawed (everyone arrested is guilty over there?)...

    Now, for what we really must hope, is a judge who can grasp the underlying concepts, if not the technology itself. If he *is* guilty and is not convicted, it could open the door for others to work their way out of the system. If he is *not* guilty, then this could provide the basis for improving these kinds of investigations and cases.

    Finally, as to him recovering his bail expenses, he *may* be able to file suit to recover those damages and his legal expenses, *if* he can prove that his arrest and prosecution was improper, which is highly doubtful. IANAL, and I am not offering this as advice, just tossing it out for purposes of conversation.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why the US/Trump bashing?

      Regarding the bail expenses: I for one don't understand why it's considered proper by some in the USA for (as in this case) a chap to get clobbered with an unrecoverable loss of $3000 just to be allowed to walk around in the open air after being arrested on what I assume is reasonable suspicion. Yes of course many people arrested are not found guilty of whatever they're arrested for in any nation with a decent judicial system - but to end up that far out of pocket just for being fingered as "maybe the one we're after" by the police seems a bit much to me.

    2. Oh Homer
      Mushroom

      Re: Why the US/Trump bashing?

      Because the US is a cesspool of political, judicial and economic injustice, and lunatics like your beloved president are mostly responsible for creating it.

  10. Lion

    I think they arrested Marcus in hopes of finding the co-defendant whose name is redacted in the indictment. That guy is not in custody and is supposedly from Wisconsin. It is more than likely that the other guy has a pile of evidence against him and the FBI wants him convicted.

    It is possible that Marcus and the co-defendant had exchanged emails on Kronos - something that is common with hackers. Marcus did send out a tweet asking if anyone had access to the code. The other guy might be a black hat hacker known for profiting from malware or doing damage to US companies (like banks). They now have whatever Marcus knows on Kronos and what his involvement was.

    Marcus says he is innocent of all charges and few people do that facing FBI felony charges - they usually go for a deal, innocent or guilty. His lawyer must see light at the end of the tunnel and is convinced that it is not an oncoming train.

    1. Sir Runcible Spoon

      "Marcus says he is innocent of all charges and few people do that facing FBI felony charges - they usually go for a deal, innocent or guilty. His lawyer must see light at the end of the tunnel and is convinced that it is not an oncoming train."

      Or perhaps Marcus has a more definite sense of right and wrong and, being convinced of his innocence, is prepared to risk a trial to exonerate himself. Not everyone has been cowed by the corruption of law enforcement in the US.

  11. Anonymous Coward
    Big Brother

    "The Marcus Hutchins I knew"

    "To be completely honest, I didn’t know him as Marcus Hutchins at the time. I knew him only by his IRC and forum nick, Touchme" link

  12. John Savard Silver badge

    Mystery

    What still puzzles me is what evidence they have against him. Since he is only known as someone who helped protect people against malware, normally one wouldn't think him likely to be involved with creating it. Perhaps there has been an attempt by virus writers to plant evidence against him that deceived U.S. authorities; until we know what evidence there was, it certainly appears that they moved hastily to arrest someone likely to be completely innocent.

    But we don't know, it is still only an appearance.

    1. Sir Runcible Spoon

      Re: Mystery

      There is a good chance that some code he once wrote was used by the authors of Kronos. Whether or not he was involved in a more direct sense is the unknown right now.

      If all they have is the former, then they are about to make themselves look very silly in one of two ways:

      1. They will find him innocent and release him, making them look all sorts of stupid

      2. They will find him guilty anyway to save face, but will still make themselves look all sorts of stupid (and also guilty of a miscarriage of justice).

      Of course, the trial might expose information that suggests he *was* involved in Kronos in some way, but we won't know until we get to the trial stage will we?

    2. Doctor Syntax Silver badge

      Re: Mystery

      "What still puzzles me is what evidence they have against him."

      One thing we do know is that he wrote a blog post explaining some coding technique. His example code then got incorporated into Kronos. I think there's a US saying about finding a button and sewing a vest on it. That would be what the FBI are doing if that code fragment is what they claim is his writing Kronos is based on.

  13. Unep Eurobats
    Childcatcher

    Brave fellow

    ... to plead not guilty. They'll have tried to put the frighteners on him, tried to get him to say he did just a little something ... Skyped some advice to a bad guy maybe, go on you did didn't you, took a little kickback ... only two years ... out in six months ... better than 20...

    But now we'll get to know exactly what happened, exactly what he did, if anything, and what the evidence is - something that seems all too rare in cases like this. I mean are we ever going to find out what Laurie Love actually did?

  14. cantankerous swineherd Silver badge

    An Awful Warning to anyone thinking of transiting the USA. don't do it.

  15. Anonymous Coward
    Anonymous Coward

    I used to like visiting the US...

    But not any more.

  16. Caesarius
    Alert

    Revenge

    In stopping WannaCry, he will have cost someone a lot of revenue. I wonder if they had a hand in his arrest?

  17. Aodhhan

    Have to laugh at ignorance

    It's amazing how much people just rant and complain without having any detailed facts.

    First off... I've lived in the USA and in several European countries, and spent time in a lot more. If you honestly believe your justice system is better than the US's, then you don't know a dang thing about yours.... especially those in England. BTW, I believe the rights of the accused now established in most European countries was copied from the US Constitution... so really, shut up. In this case, it was a grand-jury investigation... Most countries in Europe do not have anything comparative to this.. they operate solely on a law enforcement investigation.

    ---Yeesh, most don't even realize why the warrant is issued from Wisconsin, let alone any other fact.

    --- I'm not saying he's guilty, I'm saying... most are too ignorant to spout even the dumbest statement.

    Second... the keystone pipeline isn't about trains being a safer method of transporting oil. It's about protecting an underground reservoir (Ogallala aquifer) which is more than twice the size of England. In many places, the water table is just below ground. Overall the average depth is around 20 feet from the surface. So stop; realize how many people will be affected if the water is polluted by crude oil. Considering most farms in the middle of the US irrigate their crops with this water, even those in Europe will feel it. Cost of foodstuffs will go through the roof around the world if the water is contaminated.

    Third... Yes, of course Trump is responsible for this. Just like the hospital you were born in is responsible for damaging your brain.

    Fourth... and really. If you think the US justice system is so judgmental; listen to the judgmental attitudes of so many who make a comment. Judgmental about the US justice system, corruption, Trump.

    The only thing people aren't judging is their own life. Something which is 'supposed' to be a primary act of the British. Being a gentlemen, only judging their own former self, being helpful to others, listening well, etc. Yeap.. B.S. isn't it Brits? :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021