Marcus Hutchins, the British security researcher instrumental in neutralizing the virulent WCry ransomware worm that shut down computers worldwide in May, appeared in federal court Monday and pleaded not guilty to unrelated criminal charges that he created and distributed malware that steals banking credentials.
Hutchins, who is free on $30,000 bond, was arrested August 3 in Las Vegas following the Black Hat and Defcon security conferences. A six-count Wisconsin federal indictment (PDF) accuses him of developing the Kronos banking trojan. Along with an unnamed co-conspirator, Hutchins allegedly advertised the malware on the AlphaBay underground online market forum, according to the indictment. The document says the duo "sold a version of the Kronos malware in exchange for approximately $2,000 in digital currency" on June 11, 2015.
The indictment said the defendant, who goes by the online nickname of "MalwareTech," knowingly "disseminated by electronic means an advertisement of any electronic, mechanical, or other device, knowing and having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of electronic communications...." Other charges include allegations that he sold an "electronic, mechanical, or other device, in interstate and foreign commerce, knowing and having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of electronic communications."