At just 22-years-old, this hacker became an accidental digital security hero that saved the world from the worst cyberattack it has ever seen.
Marcus Hutchins, a British computer security researcher, discovered the WannaCry ransomware attack in 2017 and used a “kill switch” to stop the escalating attack, which at the time was spreading around the globe, according to The Verge.
The U.K. media revealed him to be the person responsible for halting the ransomware contagion, but soon after his reputation as a hero was tainted by accusations of Hutchins making and selling the Kronos banking malware, Tech Crunch reports.
He was later arrested by the FBI, according to Wired, as a result of his teenage work on a code that was later used in banking trojan software. So much time had passed since the news broke of his astronomical effort that when Hutchins was approached by the authorities he assumed that they wanted to know more about his work on WannaCry.
During his interrogation, Hutchins was unaware that he was being questioned as a criminal until he was asked about the banking software.
“Kronos,” Hutchins said. “I know that name.” Realizing where exactly he knew the name, it registered that he would more than likely be charged for his part in the malware.
At 16-years-old, Hutchins unintentionally created the malware. However, in the process of trying to keep up with other hackers, he earned a new reputation as a talented malware ghostwriter.
Many of his skills lie in writing malware, although according to The Verge, Hutchins maintains that “you can be a good cybersecurity researcher without a criminal past.”
At the time of his arrest, many of Hutchins’ supporters jumped to his defense to cosign his innocence, noting that he had worked tirelessly to expose cybercriminals and their malicious tools, according to Krebson Security. INSIDER reports that those supporters also raised over $12,000 for Hutchins’ bail.
During his federal trial, Judge J. P. Stadtmueller described Hutchins as a “talented” but “youthful offender.” At the end of the trial, Hutchins announced that he was “sentenced to time served” via Twitter.
Sentenced to time served! Incredibly thankful for the understanding and leniency of the judge, the wonderful character letter you all sent, and everyone who helped me through the past two years, both financially and emotionally.
— MalwareTech (@MalwareTechBlog) July 26, 2019
Brian Klein, one of Hutchins’ attorneys, also shared in a statement to Tech Crunch:
“We are thrilled that the judge recognized Marcus’ very important contributions to keeping the world safe and let him go home a free man today,” Klein said. “Marcus appreciates the support he’s received from around the world the past two years.”
He recently spoke on his extraordinary story with Wired for a full-length feature, where he touched on his quick rise to fame and his confessions of what truly happened during that time.
Hutchins’ contributions to the cybersecurity world are still highly regarded to this day. Despite his complicated history, the tech researcher made a huge contribution to the world of cybersecurity and tech. He sacrificed his credibility but still upheld his historic reputation.
“I don’t want to be the WannaCry guy or the Kronos guy,” Hutchins told Wired. “I just want to be someone who can help make things better.”