Marcus Hutchins, the hacker who stopped the WannaCry ransomware and was arrested by the FBI soon after, accused of creating and distributing malware himself, has asked for donations to cover legal costs as he faces more charges.


The updated indictment was filed with the Wisconsin Eastern District Court earlier this week. It complements the original six-count indictment against Hutchins from July, submitted a month before his arrest by FBI agents in Las Vegas, Nevada, with four more charges.

Hutchins, who has been released on bail pending trial, had already been charged with advertising, distributing and profiting from a malware code called “Kronos” between July 2014 and July 2015. In addition to these charges, the updated indictment accuses the hacker-turned-cyber-security-expert of lying to the FBI during the arrest about his role in developing the virus.

Hutchins “knowingly and willfully made a materially false, fictitious, and fraudulent statement” by claiming that he was not aware his computer code was part of Kronos malware “until he reverse engineered the malware sometime in 2016,” the indictment states. The investigators say that Hutchins, in fact, helped develop the malware, admitting to his acquaintance as far back as in November 2014, that he laid his hand on the virus.

Hutchins’ defense has long been fighting for the court to withhold from his case the statements the British hacker made to the agents during his arrest, arguing that he was deceived into confessing and was not properly explained his rights before the interrogation. They argued that due to the differences in UK and US law, Hutchins might have wrongly believed that his silence could have been used against him. Besides that, he was “exhausted and intoxicated at the time,” which was well known to the FBI, his lawyers say.

Apart from attempting to make ill gains from Kronos, the new indictment, released on June 5, accuses Hutchins of being behind another malware virus, known as UPAS Kit. The superseding indictment says that the defendant marketed the malware, saying it was made “to install silently and not alert antivirus engines” while stealing personal data from a PC.

Two other charges relate to him “aiding and abetting” the spread of a malignant code in an attempt to damage “10 or more protected computers,” as well as helping others to hack PCs for financial gain.

As the news on the new indictment broke, Hutchins, also known as MalwareTech, appealed to his Twitter followers to fund his mounting legal expenses.

“Spend months and $100k+ fighting this case, then they go and reset the clock by adding even more bullshit charges like 'lying to the FBI,'” he wrote. He then called for donations with a quote from the strategy video game Starcraft: “We require more minerals.”

He lashed out at the investigators in another tweet peppered with expletives, which he, however, promptly deleted.

Hutchins was hailed as a hero after he stopped the WannaCry attack that crippled computers worldwide in May last year after, but he fell from grace just several months later and currently awaits trial, which is yet to be scheduled. Hutchins has pleaded not guilty to all the charges.