Skip to main content

WannaCry hero Marcus Hutchins will avoid prison in banking malware case

WannaCry hero Marcus Hutchins will avoid prison in banking malware case


Hutchins pleaded guilty

Share this story


The security researcher responsible for stopping the devastating WannaCry ransomware hack in 2017 avoided prison for charges related to creating banking malware, according to multiple reports.

Time served and one year supervised release

Marcus Hutchins became a hero in the digital security community when he discovered a “kill switch” to curb the spread of the WannaCry ransomware, which spread around the globe. But soon after, his fortunes changed dramatically, when he was arrested by the Federal Bureau of Investigation and prosecutors accused him of developing malware used to steal banking credentials.

In April, Hutchins pleaded guilty to two charges related to the creation of the malware, called Kronos, as prosecutors agreed to drop another eight. “I regret these actions and accept full responsibility for my mistakes,” Hutchins said in a statement at the time. “Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”

Those charges could have resulted in jail time, but as ZDNet reports, the judge on the case said Hutchins’ good work added up to “too many positives on other side of ledger.” Instead, Hutchins was sentenced to time served, as well as one year of supervised release.

“Sentenced to time served!” Hutchins said in a tweet after the sentencing. “Incredibly thankful for the understanding and leniency of the judge, the wonderful character letter you all sent, and everyone who helped me through the past two years, both financially and emotionally.”

Update, 2:50PM: Includes statement from Hutchins on sentencing decision.