Cybersecurity Hero Turned Suspect Denies Charges In Wisconsin Federal Court

MILWAUKEE, WI — As a devastating cyberattack threatened to hobble information systems across the globe in May, Marcus Hutchins — somewhat accidentally — found a flaw in the virus's code that essentially stopped the malware in its tracks. But Hutchins, a British cybersecurity researcher lauded as a hero, is now defending himself against charges of involvement in an unrelated cybercrime that occurred between July 2014 and July 2015.

On Monday, Hutchins pleaded not guilty to six charges against him.

He is out on $30,000 bail, forced to stay at a hotel in Milwaukee rather than return home to the United Kingdom. (For more updates on Hutchins' trial and other local news, subscribe to the Milwaukee Patch to receive daily newsletters and breaking news alerts.)

Marcus Hutchins entered his plea in Wisconsin federal court, where prosecutors charged him and an unnamed co-defendant with conspiring to commit computer fraud in the state and elsewhere. Authorities arrested the 23-year-old man on Aug. 2 at McCarran International Airport in Las Vegas, where he was going to board a flight to his home in Ilfracombe, England. He had been in Las Vegas for a cybersecurity convention.

Hutchins' bail comes with strict conditions. His bond has been modified so that he can stay in Los Angeles near his attorney and travel anywhere in the U.S., but Hutchins is not allowed to leave the country. He was also granted access to use a computer for work, a change from an earlier judge's order barring him from using any device with access to the internet. Hutchins' current work wasn't detailed at Monday's hearing.

The next hearing in the case was set for Oct. 17.

Hutchins' attorney, Adrian Lobo, hasn't responded to several phone messages left by The Associated Press over the last week.

The legal troubles Hutchins faces are a dramatic turnaround from the status of cybercrime-fighting hero he enjoyed four months ago when he found a "kill switch" to slow the outbreak of the WannaCry virus. It crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.

Prosecutors allege that before Hutchins won acclaim he created and distributed a malicious software called Kronos to steal banking passwords from unsuspecting computer users. In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization.

The court document doesn't offer any details about the number of victims. Prosecutors have not said why the case was filed in Wisconsin.

The name of Hutchins' co-defendant is redacted from the indictment.

Hutchins faces decades in prison if convicted on all the charges.

By IVAN MORENO, Associated Press

AP Photo/Frank Augstein, File