33
votes
The confessions of Marcus "MalwareTech" Hutchins, the hacker who stopped WannaCry and was arrested by the FBI in 2017
Link information
This data is scraped automatically and may be incorrect.
- Title
- The Confessions of the Hacker Who Saved the Internet
- Authors
- Andy Greenberg, Paris Martineau, Lily Hay Newman
- Word count
- 13 662 words
I haven't read a piece that solid in a good while. The journalist presented the story deftly without over-dramatizing, and Hutchins's story was plenty riveting all by itself.
You go in assuming the US justice system is incompetent with tech. Then you read about people who assume he was arrested over the wannacry incident. You're kind of relieved to hear that that's not what happened, and the FBI actually kinda know what they're doing.
Then this:
Also, what a rotten situation to be in. The extortion part that made him continue to work on Kronos.
Don't fucking do that, that's beyond stupid. The police can lie to me however they want, but if I feel pressured into lying, I get slapped hard? WTF? Nevermind that it dissuades people from coming clean if they have already lied. It's one of those cases where deterrence doesn't work because people don't think about the fact that they will get caught. That shit shouldn't even be illegal except for way more stringent circumstances.
Oh great, now you're going to double-fuck him over that statement. You lied, so we have you for that, but you also confessed, so we have you for that too. Why? Cause fuck you, that's why!
The judge though, a lot more level-headed than expected.
To clarify, I don't think he's a morally good guy. I have trouble judging him. But the US justice system is doing it's thing. And I do believe he would have stepped out of the black hat side of things earlier if allowed to. Extorted into a crime, dang.
Man 15 year old Marcus was definitely who 15 year old rmgr wanted to be but was afraid of getting in to trouble! (I mean... Obviously for good reason..)
That was an awesome read!
You nailed it. Last summer I interned at a cybersecurity company and whenever we got to talk to the guys who worked on researching exploits and hacking it was so cool. This whole article is like that x100.
Reading the Google Project Zero people's writeups is a similar experience for me. It's amazing how they manage to work their way through and find vulnerabilities that have been missed for years.
That's a lot of what I experienced at my internship, too. The "cool" people I was talking about were part of the company's zero-day exploit initiative so I'm assuming they've got similar stories to Project Zero people.
They covered that well.
I was reasonably close to what was happening (1 'degree' of separation away from Marcus) and I was assured that he was 100% innocent. I believed this (as did his friend doing the assuring) and I advocated for him and against his arrest in the US.
When the Krebs piece came out I remember worrying that I'd backed the wrong horse, but my view of Krebs has been up and down, so I stuck with the party line.
When Marcus finally admitted that he actually did do it, I was embarrassed to have defended him and took it quite personally. I spoke against him whenever it came up, although his friend continued to speak highly of him. What annoyed me most was that he was having his friends (and their friends, and communities) fund raise on his behalf against a lie.
When I read this I was expecting a fluff piece about his resurrection. I'm glad to see that they didn't go there.