US arraignment of British cybersecurity expert postponed
MILWAUKEE (AP) — A British cybersecurity figure hailed as a crime-fighter just three months before his arrest in a worldwide malware production and distribution case might still be in Las Vegas ahead of his arraignment next week in a federal court in Wisconsin, according to terms set by a judge.
Attorneys and advocates for Marcus Hutchins, 23, of Ilfracombe, England, didn’t immediately respond Tuesday to telephone and email messages about his whereabouts following his release Monday from a jail in rural southern Nevada.
But jail and federal officials say he was released, and pointed to terms set by the judge who on Friday set Hutchins’ bail at $30,000.
Magistrate Judge Nancy Koppe said Hutchins would have to stay at a federal halfway house or under house arrest in Las Vegas with an ankle monitor until he travels to Milwaukee for arraignment on a six-count federal indictment.
The judge didn’t find Hutchins a threat to the community or a risk not to attend court appearances. She nevertheless ordered him to surrender his passport to federal officials and not use any device that has access to the internet.
Hutchins’ arraignment had been set Tuesday in U.S. District Court in Milwaukee, but was reset for Aug. 14, said Elizabeth Makowski, a spokeswoman for the U.S. attorney’s office.
He was arrested Aug. 2 in Las Vegas on federal charges that he created and distributed a malware program to obtain banking passwords from unsuspecting computer users.
Hutchins was held through the weekend at a jail in rural Pahrump, where he had been arrested at McCarran International Airport on his way home from the Def Con computer security convention in Las Vegas.
Electronic Frontier Foundation general counsel Kurt Opsahl said Monday he was awaiting word that bail had been posted and that Hutchins had been released from federal custody. The foundation, a digital civil-liberties nonprofit, was helping Hutchins obtain legal counsel.
Opsahl, other foundation officials and Hutchins’ attorney in Las Vegas, Adrian Lobo, didn’t respond to telephone and email messages Tuesday morning from The Associated Press.
He did not enter a plea at Friday’s hearing to six federal charges dating to 2014, including conspiracy to commit computer fraud. He is accused of creating and distributing malicious software called Kronos designed to steal banking passwords.
Other charges he faces are distributing and advertising an electronic communication interception device, attempting to intercept electronic communications and trying to access a computer without authorization. He could face decades in federal prison if he is convicted.
The indictment filed last month in Milwaukee alleges that Hutchins and another defendant, whose name was redacted, conspired between July 2014 and July 2015 to advertise, sell and profit from the Kronos banking Trojan malware.
Hutchins is accused of creating the malware and enabling cybertheft by spreading a program that can infect web browsers and capture usernames and passwords.
Hutchins has support in the information-security community, where some call him a principled, ethical hacker.
His mother, Janet, said it was unlikely that her son was involved in illegalities because he spends much of his time combatting malware attacks.
Though Hutchins previously worked under the alias MalwareTech, cracking WannaCry led to the loss of his anonymity and propelled him to cyber stardom, public appearances and a $10,000 cash prize that he said he planned to donate to charity.
He told The Associated Press at the time that he didn’t think he would ever return to being the “MalwareTech” that everyone knew.
Associated Press writer Danica Kirka in London and Regina Garcia Cano in Las Vegas contributed to this report. Ritter reported from Las Vegas.
Sign up for the AP’s weekly newsletter showcasing our best reporting from the Midwest and Texas: http://apne.ws/2u1RMfv