Cyber sleuth in malware case dodges prison time
MILWAUKEE — A British cybersecurity expert who admitted writing and selling malware was spared prison Friday by a judge who said the misconduct was outweighed by his help in stopping a worldwide computer virus in 2017.
Marcus Hutchins, who was hailed as a hero for his role in stopping the “WannaCry” virus, was sentenced to time served by U.S. District Judge J.P. Stadtmueller. The judge noted Hutchins had pleaded guilty and accepted responsibility for his work on the malware years earlier.
“Mr. Hutchins turned the corner with regard to the conduct that led to these charges,” Stadtmueller said.
Hutchins, 25, served just a few days in jail after being arrested in Las Vegas in 2017, but had been required to stay in the U.S. while his case was pending.
Hutchins spoke briefly Friday, apologizing to his victims: “I deeply regret my conduct and the crimes I was involved in.” His attorney said afterward he intended to return to Great Britain.
FBI agents had been investigating Hutchins for years before his arrest. Less than two months after his claim to fame, they arrested him and accused him of creating malware to steal banking passwords.
Prosecutors in Milwaukee had made no specific sentence recommendation, and noted that Hutchins had accepted responsibility for his actions in a plea deal in April, and they also gave him credit for his role in finding a “kill switch” to the WannaCry virus. He had faced up to 10 years in prison.
“Like a man who spent years robbing banks, and then one day came to realize that was wrong, and even worked to design better security systems, he deserves credit for his epiphany. But he still bears responsibility for what he did,” prosecutors said.