From Hero to Villain as Marcus Hutchins Pleads Guilty to Criminal Charges

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

Marcus Hutchins, the 25-year-old malware researcher who stopped the WannaCry ransomware from spreading, has pleaded guilty of charges of fraud, conspiracy, lying to federal officials, and development and distribution of malware kits. More specifically, Hutchins admitted that he was the developer behind the “Kronos” banking credentials stealer and that he was actively involved in selling it through dark net channels. The statement that Hutchins published on his blog, “MalwareTech” is the following:

“As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

Hutchins did what he did during his mid-teen years, but the FBI agents who arrested him back in August 2017 had no volition for extenuation. No matter what the hacker did after the “dark years” of his early youth, and no matter the fact that he has helped save the world from the WannaCry menace, the US prosecution is still intransigent, pushing ten individual counts against the hacker, some of which are pretty serious. Hitchins is now facing a sentence of five years in prison and a fine of $250k. The court seems to have a hot potato in their hands as the public maintains a somewhat objective sense of fair judgment that isn’t meeting the prosecution’s pertinacity.

Undoubtedly, the Kronos malware and the UPAS Kit have caused a lot of trouble to many people out there all those years. Many have lost their money because of it, and have possibly sustained immeasurable damage in their lives. However, and since the hacker turned from black-hat to white-hat later on, we have to put the WannaCry save on the other side of the scale. According to many cyber-risk firms, WannaCry would have resulted in global economic losses of up to $4 billion if it wasn’t for Hutchins discovering the kill-switch and stopping the ransomware campaign.

WannaCry had already infected about 200000 computers across 150 countries, including hospitals, public service agencies, production units, and more. If it wasn’t for Marcus Hutchins, WannaCry could have reached to nuclear power plants, military networks, transportation systems, etc., leading to unpredictably dangerous situations. I am not saying that any crime should go unpunished, but I’m saying that justice should take all things into account before castigating someone who in a sense saved the world.

Where do you stand on the above? Should Hutchins be sentenced to prison, be fined, or be acquitted? Let us know where you stand in the comments section below, and don’t forget to check our socials, on Facebook and Twitter where more news stories are posted daily.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: