By IVAN MORENO
MILWAUKEE (AP) — The case of a British cybersecurity expert once heralded as a hero for stopping the WannaCry computer virus was delayed on Thursday to allow his attorneys more time to prepare arguments on why a judge should suppress statements he made after his arrest over allegations that he wrote software to steal banking passwords.
Marcus Hutchins, 23, pleaded not guilty after his arrest last year in Las Vegas before he boarded a flight home to England. U.S. prosecutors say Hutchins wrote and distributed malware known as Kronos and made incriminating statements to FBI agents, both after his arrest and in two jailhouse phone calls.
Federal prosecutors publicly revealed details of those phone calls for the first time in court filings on Wednesday night, and provided Hutchins’ defense with new transcripts of the conversations. Hutchins’ attorney, Brian Klein, told a federal magistrate judge that prosecutors intended to present those calls in court on Thursday to “make assertions about what he said and the significance of those” conversations.
The hearing was rescheduled for May 16.
Hutchins’ arrest in August came as a shock, largely because, only four months before, he had been praised as a cybercrime-fighting hero for finding a “kill switch” to slow the outbreak of the WannaCry virus, which crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.
Details concerning Hutchins’ arrest and the crimes he’s accused of committing have been sparse, but the court documents prosecutors filedon Wednesday included new revelations. For example, prosecutors say Hutchins signed a consent form allowing the FBI to search his backpack, phones, and laptops and that he “was lucid and answered many detailed questions” during a nearly two-hour interview with agents.
Hutchins’ defense attorneys are trying to get those statements suppressed, saying he was sleep-deprived after a week of partying in Las Vegas, where he had attended a cybersecurity convention, and that he didn’t fully understand Miranda warnings because he’s a foreigner. Klein said FBI agents didn’t immediately start recording their interview with Hutchins and that what happened before the interrogation is significant, but he didn’t explain why in court.
In the new court filings, prosecutors also say Hutchins knew he was being recorded when he made two phone calls in which he “made multiple incriminating statements … including writing the code for the banking Trojan and compiling malware binaries and sending to someone.”
Prosecutors also said in the new court filings that Hutchins is suspected of selling the Kronos software to someone in Wisconsin. He also “personally delivered” the software to someone in California, prosecutors say.
The indictment says the crimes happened between July 2014 and July 2015, but prosecutors have still not offered details about the number of victims.
In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization. Hutchins faces decades in prison if convicted of all the charges. He has been barred from returning home and has been living in California, where he is working as a cybersecurity consultant while he awaits trial.