33 votes

The confessions of Marcus "MalwareTech" Hutchins, the hacker who stopped WannaCry and was arrested by the FBI in 2017

7 comments

  1. scissortail
    Link
    I haven't read a piece that solid in a good while. The journalist presented the story deftly without over-dramatizing, and Hutchins's story was plenty riveting all by itself.

    I haven't read a piece that solid in a good while. The journalist presented the story deftly without over-dramatizing, and Hutchins's story was plenty riveting all by itself.

    12 votes
  2. vektor
    Link
    You go in assuming the US justice system is incompetent with tech. Then you read about people who assume he was arrested over the wannacry incident. You're kind of relieved to hear that that's not...

    You go in assuming the US justice system is incompetent with tech. Then you read about people who assume he was arrested over the wannacry incident. You're kind of relieved to hear that that's not what happened, and the FBI actually kinda know what they're doing.

    Then this:

    though the court forbade him access to the WannaCry sinkhole domain he had created.

    Also, what a rotten situation to be in. The extortion part that made him continue to work on Kronos.

    Soon afterward, prosecutors hit back with a superseding indictment, a new set of charges that brought the total to 10, including making false statements to the FBI in his initial interrogation.

    Don't fucking do that, that's beyond stupid. The police can lie to me however they want, but if I feel pressured into lying, I get slapped hard? WTF? Nevermind that it dissuades people from coming clean if they have already lied. It's one of those cases where deterrence doesn't work because people don't think about the fact that they will get caught. That shit shouldn't even be illegal except for way more stringent circumstances.

    After losing a series of motions—including one to dismiss his Las Vegas airport confession as evidence—Hutchins finally accepted a plea bargain in April 2019.

    Oh great, now you're going to double-fuck him over that statement. You lied, so we have you for that, but you also confessed, so we have you for that too. Why? Cause fuck you, that's why!

    The judge though, a lot more level-headed than expected.

    To clarify, I don't think he's a morally good guy. I have trouble judging him. But the US justice system is doing it's thing. And I do believe he would have stepped out of the black hat side of things earlier if allowed to. Extorted into a crime, dang.

    11 votes
  3. [4]
    rmgr
    Link
    Man 15 year old Marcus was definitely who 15 year old rmgr wanted to be but was afraid of getting in to trouble! (I mean... Obviously for good reason..) That was an awesome read!

    Man 15 year old Marcus was definitely who 15 year old rmgr wanted to be but was afraid of getting in to trouble! (I mean... Obviously for good reason..)

    That was an awesome read!

    10 votes
    1. [3]
      kari
      Link Parent
      You nailed it. Last summer I interned at a cybersecurity company and whenever we got to talk to the guys who worked on researching exploits and hacking it was so cool. This whole article is like...

      You nailed it. Last summer I interned at a cybersecurity company and whenever we got to talk to the guys who worked on researching exploits and hacking it was so cool. This whole article is like that x100.

      4 votes
      1. [2]
        sqew
        Link Parent
        Reading the Google Project Zero people's writeups is a similar experience for me. It's amazing how they manage to work their way through and find vulnerabilities that have been missed for years.

        Reading the Google Project Zero people's writeups is a similar experience for me. It's amazing how they manage to work their way through and find vulnerabilities that have been missed for years.

        3 votes
        1. kari
          Link Parent
          That's a lot of what I experienced at my internship, too. The "cool" people I was talking about were part of the company's zero-day exploit initiative so I'm assuming they've got similar stories...

          That's a lot of what I experienced at my internship, too. The "cool" people I was talking about were part of the company's zero-day exploit initiative so I'm assuming they've got similar stories to Project Zero people.

  4. minimaltyp0s
    Link
    They covered that well. I was reasonably close to what was happening (1 'degree' of separation away from Marcus) and I was assured that he was 100% innocent. I believed this (as did his friend...

    They covered that well.

    I was reasonably close to what was happening (1 'degree' of separation away from Marcus) and I was assured that he was 100% innocent. I believed this (as did his friend doing the assuring) and I advocated for him and against his arrest in the US.
    When the Krebs piece came out I remember worrying that I'd backed the wrong horse, but my view of Krebs has been up and down, so I stuck with the party line.
    When Marcus finally admitted that he actually did do it, I was embarrassed to have defended him and took it quite personally. I spoke against him whenever it came up, although his friend continued to speak highly of him. What annoyed me most was that he was having his friends (and their friends, and communities) fund raise on his behalf against a lie.

    When I read this I was expecting a fluff piece about his resurrection. I'm glad to see that they didn't go there.

    5 votes