British malware researcher and sometime creator Marcus Hutchins, 25, will not be jailed for hacking-related crimes. Presiding Judge J. P. Stadtmueller said that Hutchins will be under a supervised release for a year, according to TechCrunch.
Stadtmueller regarded the offender as a “talented” offender, who made cybercrime violations in his youth. The judge also believed that the hacker has already served his sentence. He also recognized that people like Hutchins are the only ones able to create solutions for weak digital security measures.
The presiding judge also noted the offender’s age at the time of the crime. He also commended Hutchins for steering his life into a new direction before being indicted.
The judge said the sentence will possibly prohibit the offender from coming to the United States.
“Accidental Hero”
Hutchins is considered an “accidental hero” for stopping the fast-acting ransomware WannaCry. WannaCry targeted Microsoft-operated systems, encrypting stored data while demanding ransom money. The malware infected thousands of vulnerable computers in May 2017.
The WannaCry hero was only able to stop the incident by accident. In an interview cited by Slate, the hacker “reverse-engineered” the ransomware’s code and finding a domain hardcoded in it. The offender then registered the domain, causing it to stop spreading.
According to the offender, he was not aware that registering the domain will solve the problem. He also said that he only found out after doing so.
Kronos
A few months after accidentally stopping WannaCry, Hutchins was arrested in Las Vegas after attending the Def Con security conference. He was indicted for aiding the development and distribution of Kronos, a banking trojan. The malware was active in 2014 and 2015, during his teenage years.
Authorities also alleged Hutchins of developing another malware, UPAS Kit. However, he was released on a $30,000-bail and had lived in Los Angeles since.
In a blog post, the offender said that he pleaded guilty to two charges. However, he also noted that the misuse of his skills was behind him. He added that he had been pursuing a career in security and malware research.
Before the release, Hutchins faced 10 charges, 2 of which he pleaded guilty to. The court dropped the remaining 8 charges after entering a plea deal.
The punishment for the charges was supposed to be up to 10 years of prison time and $500,000 in fines. It also included a one-year supervised release, which is enforced after the plea deal.
