قالب وردپرس درنا توس
Home / Business / Security researchers plead guilty to malware writing fees

Security researchers plead guilty to malware writing fees



Security researcher Marcus Hutchins pleaded guilty on Wednesday to writing malware and helping sales with a partner.

Hutchins is better known for his crucial role in destroying the worldwide distribution of WannaCry and his online persona [19459006MalwareTech by interacting with the information security community by helping users get into the field, Disseminate information about new threats and publish malware analysis tutorials.

Hutchins was arrested at Las Vegas airport on August 2, 201

7, on his way home to the UK, after attending security conferences at Black Hat and DEF CON security conferences.

Possible Prison and Significant Fines

The guilty verdict filed on Friday is for Count One and counts two out of a total of ten charges brought in a redundant indictment by the US Attorney's Office.

These relate to the development of malware (UPAS Kit and Kronos Banking Trojans) and help disseminate in partnership with a co-conspirator known as "Vinny", "VinnyK", "Aurora 123 ", is known. Gone with the wind "Cocaine" and "Jack of All Trades". According to court documents, these activities took place between July 2012 and September 2015.

Each of the charges has a maximum sentence of five years imprisonment, fines of up to $ 250,000, one year of supervised release, and a $ 100 USD special offer. Overall, Hutchins risked ten years in prison and $ 500,000 in fines. Following this plea, the remainder of the charges will be dismissed in court.

It should be noted that regardless of the outcome of this agreement, Hutchins is not exempted from further civil or administrative proceedings from the US or local governments.

In a public statement on his blog, the researcher says he regrets his actions before his career in cybersecurity and takes full responsibility for his mistakes.

"I grew up and grew up ever since. I use the same skills that I abused for constructive purposes a few years ago, and I will continue to work to protect people from malware attacks."

Support is still strong

Although this has not always been open and forever granted For this reason, many security researchers have to do with cybercriminals. In every profession wearing a white hat, there is often a drop of blackhat. This is especially true for older generations of security experts who have no current information resources. They also did so at a time when the laws for cyber incidents were too vague or did not exist.

Today's Internet, however, provides sufficient learning opportunities to reach experts without having to break the law, and even for free. Hutchins agrees:

After his arrest, numerous researchers gathered to help him. Even his local Conservative Member of Parliament Peter Heaton-Jones and a dozen more sent support letters on his behalf. Hutchins has relied on crowdfunding to cover his legal fees.

Even now, Hutchins has a large crowd in his corner. A cursory glance at the answers he received after he tweeted his statement about the recent development of the case shows mostly positive comments. They would have to look harder to find a negative answer.

A closer look reveals that most are in computer security: trainers, malware researchers, penetration testers, reverse engineering, security consultants, nerds

Himself Redeem

After abandoning criminal life, Hutchins dedicated himself to the fight against malware threats and applied for a job with the British intelligence service, the General Communications Headquarters (GCHQ) cybersecurity firm Kryptos Logic, following his analysis of the Kelihos botnet recruited.

Hutchins published technical articles demonstrating his reverse engineering skills prior to his application, often revealing the tricks of various types of malware and their components;

In an article about the impending expiration of the Carberp Banking Malware source code in 2013, Hutchins wrote:

"Leakage like this is not going to be good." AV companies get one. A massive increase in infected users usually occurs and spin-off bots […] I think we can only hope that big antivirus vendors can update their software to deal with this threat before more damage is done The first 5 people asking me From where I get the source, a virtual slap (all paid expenses) and my eternal refusal will be received. "

Even after he was arrested, he further contributed to the fight against cybercrime: identification and understanding topology of command and control Control servers (Emotet), bot (Hide and Seek) tracking, Reverse engineering tool review (GHIDRA by NSA) and vulnerability analysis.

All of these efforts led to a consortium of supporters who not only became off-kilter words, but also pulled together to pay his lawyer's fees (after his arrest, he was denied work for his employer).

In addition to the already expired time, this can also count when the court sentences the sentence for which no date is currently set.


Source link