Marcus Hutchins, the widely acclaimed security researcher charged with creating malware that sold for thousands of dollars on the Internet, has lost his bid to suppress self-incriminating statements he made following days of heavy partying at the 2017 Defcon hacker convention in Las Vegas.
Hutchins—who, under the moniker MalwareTech, unwittingly helped neutralize the virulent WannaCry ransomware worm—was charged with developing the Kronos banking trojan and an advanced spyware program known as the UPAS Kit. The then-23-year-old UK citizen was arrested in August 2017 at McCarran International Airport as he was about to fly home. He had spent the previous week attending the Black Hat and Defcon conferences. Hutchins has pleaded not guilty to the charges.
According to court documents, federal agents questioned Hutchins in an airport interview room shortly after he was arrested. When asked about his involvement in developing malware, the court records show, Hutchins grew visibly confused about the purpose of the interrogation. Eventually, prosecutors said, Hutchins acknowledged that, when he was younger, he wrote code that ended up in malware, but he denied that he had developed the malware itself. After reviewing some source code produced by the agents, Hutchins asked if the investigators were looking for the developer of Kronos. Hutchins then told the interrogators he didn't develop Kronos and had "gotten out" of writing code for malware before he turned 18.
Allegedly, Hutchins then said he had feared law enforcement authorities would pursue him instead of the actual developer, because pieces of his code appeared in Kronos and that implicated him in the investigation into its creation. Still, he continued to voice confusion about why he was being detained. Almost 80 minutes into the interrogation, agents finally provided Hutchins with his arrest warrant and told him it had nothing to do with WannaCry. During the remainder of the interview, which lasted for another 20 minutes, Hutchins continued trying to be helpful but again noted he had been "out" of "blackhat" hacking for so long that he didn't have any useful information.