British malware researcher Marcus Hutchins has pleaded guilty to developing and sharing the banking malware between July 2014 and July 2015.
Marcus Hutchins, also known as MalwareTech, made the headlines after discovering the “kill switch” that halted the outbreak of the WannaCry ransomware. In August 2017, he was arrested in Las Vegas after attending the Def Con hacking conference and was detained by the FBI in the state of Nevada.
In August 2017, Marcus Hutchins pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin.
The court decided to relax the expert bail terms, allowing him to access the Internet and continues his ordinary working activities. The only restriction on Hutchins is that the expert cannot visit the Wannacry server domain.
The decision is unusual because computer crime suspects are not allowed to stay online.
The court allowed him to live in Los Angeles, where the company that hired him is located, but he was obliged to surrender his passport and he must wear a tracking device until his trial in October.
On Friday, Hutchins accepted a plea deal and admitted two charges of malware development.
“I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security,” reads a statement published by the expert.
“I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”
Marcus Hutchins would face with a maximum penalty of five years in prison a $250,000 fine and a year of probation.
According to the Federal law enforcement, the researchers told an unnamed associate over a recorded telephone line: “I used to write malware, they picked me up on some old shit,” “I wrote code for a guy a while back who then incorporated it into a banking malware.”