The case of British cybersecurity expert once heralded as a hero for stopping the WannaCry worldwide computer virus was delayed Thursday to allow his attorneys more time to prepare arguments on why a judge should suppress statements he made after his arrest for allegedly creating software to steal banking passwords.
Marcus Hutchins, 23, pleaded not guilty after his arrest last year in Las Vegas before he boarded a flight home to England. U.S. prosecutors say Hutchins created and distributed malware known as Kronos and made incriminating statements to FBI agents after his arrest and in two jailhouse phone calls.
Federal prosecutors publicly revealed details of those phone calls for the first time in court filings Wednesday night, and provided Hutchins' defense with new transcripts of the conversations. Hutchins' attorney, Brian Klein, told a federal magistrate judge that prosecutors intended to present those calls in court Thursday to "make assertions about what he said and the significance of those" conversations.
The hearing was rescheduled for May 16.
Hutchins' August arrest came as a shock, as four months earlier, he was lauded as a cybercrime-fighting hero for finding a "kill switch" to slow the outbreak of the WannaCry virus, which crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.
Details of Hutchins' arrest and the crimes he's accused of committing have been sparse, but the court documents prosecutors filed Wednesday included new revelations. For example, prosecutors say Hutchins signed a consent form allowing the FBI to search his backpack, phones, and laptops and that he "was lucid and answered many detailed questions" during a nearly two-hour interview with agents.
Hutchins' defense attorneys are trying to get those statements suppressed, saying he was sleep-deprived after a week of partying in Las Vegas, where he had attended a cybersecurity convention, and that he didn't fully understand Miranda warnings because he's a foreigner. Klein said FBI agents didn't immediately start recording their interview with Hutchins and what happened before the interrogation is significant, but he didn't explain why in court.
In the new court filings, prosecutors also say Hutchins knew he was being recorded when he made two phone calls in which he "made multiple incriminating statements ... including writing the code for the banking Trojan and compiling malware binaries and sending to someone."
Prosecutors also said in the new court filings that Hutchins is suspected to have sold the Kronos software to someone in Wisconsin. He also "personally delivered" the software to someone in California, prosecutors say.
The indictment says the crimes happened between July 2014 and July 2015, but prosecutors have still not offered any details about the number of victims.
In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization. Hutchins faces decades in prison if convicted of all the charges. He has been barred from returning home and has been living in California, where he works as a cybersecurity consultant while he awaits trial.