If you could stop a devastating cyberattack, would you think about yourself first, or just act? This is the uncensored story of the WannaCry ransomware attack, how Marcus Hutchins went from cyber celebrity to wanted cyber criminal overnight and where he is now.

The story of WannaCry and hacker Marcus Hutchins

“I was shaking, I think I sweated through my T-shirt and blazer. I did not know how to feel – it just felt like everything was coming to an end, but not in a good way…”

For Marcus Hutchins, a dream that turned into a nightmare ended in July 2019 with a compassionate sentence by a Milwaukee judge. “I just got out of my court hearing for the sentencing. I wasn’t sure how it would go down. I was very, very nervous,” he told us after leaving the courtroom. “But the judge took a broad view of the entire circumstances. He weighed up my past work helping security. He ended up ruling ‘time served,’ which was a big surprise to me. But it does make sense, when you weigh in that I’ve been forced to stay in a foreign country for two years.”

Marcus’s story starts with what strangely became his downfall – stopping a catastrophic ransomware attack called WannaCry.

What is the WannaCry ransomware attack?

Hutchins became an overnight cybersecurity celebrity in 2017. “I came back from lunch, saw all the news about something targeting the NHS and decided to dig a little deeper, which was when I noticed an unregistered domain inside the code.” He registered the domain and the infection count went down. He had found the ‘kill switch’ for the WannaCry epidemic.

WannaCry cyberhero or Marcus Hutchins, cybercriminal?

It changed his life. He became a hero, then fell to zero a few weeks later. “I woke up to see my face over a two-page spread of the Daily Mail. Media had posted my address in the paper, which meant the bad guys I am fighting know where I live.”

Marcus Hutchins arrested at Defcon 2017

After saving the world from the worst ransomware attack in history, Hutchins became a cyber hero. The pinnacle of his fame was global hacker conference Defcon 2017. Marcus had become a demi-god among cyber researchers, journalists and the public before the event. After a week in the Las Vegas sun, partying and rubbing shoulders with the industry’s biggest names, everything would come crashing down.

Big Mac to banged up – WannaCry ransomware attack continued

That week, Marcus Hutchins had shared a mansion with his friends – think huge pool, all-night parties and legal marijuana. Allegedly, while picking up a McDonalds delivery outside the mansion one morning, he noticed an unmarked FBI vehicle.

At the airport, his suspicions were confirmed, “I am completely exhausted. I have no idea what’s going on and I’m just relaxing waiting for my flight. And a man and two other people in uniform approached me and asked, “Are you Marcus Hutchins?” I said yes, and they asked me to come with them. It turned out the guy was an FBI agent and that’s when they arrested me.”

At this point, Hutchins is in a sleep-deprived state of shock. Things aren’t looking good. The FBI showed a warrant for his arrest on conspiracy to commit computer fraud and abuse. It wasn’t for his role in WannaCry, but for a cyber ghost from his past: malware called Kronos, created on the sunny shores of Devon, UK, was of critical importance to the FBI.

Marcus Hutchins’ arrest – a global phenomenon

When the world got hold of Hutchins’ arrest, social media was awash with support and slander. One cybersecurity researcher suggested Hutchins created WannaCry himself only to stop it as it spiraled out of control. But as supporters who raised the alarm on the FBI’s treatment of Hutchins, Twitter bulged with support for Marcus’ character.

Eventually, Hutchins was bailed to a halfway house with a curfew and GPS monitoring. The Twitter community again came to his aid and two lawyers took Hutchins’ case for free. They were able to overturn the curfew and GPS monitoring.

Would prosecutors persuade Hutchins to squeal?

The FBI said if Hutchins called out other hackers he knew of, they’d let him off. On principle, Marcus opposed snitching. Instead, he set his sights on a criminal trial. Hutchins’ cybersecurity background, diligence and good heart played in his favor when the day came.

Much to Hutchins’ surprise, the judge ruled his hero status could almost warrant a full pardon, but that was out of the question. Rather than a 10-year prison sentence and a 500,000 US dollar fine, Marcus stepped out of the courtroom with one year supervised release.

Wait, what? After months of anxiety, Marcus was a free-ish man. The judge smiled on him that day, understanding Hutchins had already served a type of sentence being kept in the US without the right to go home.

Where is Marcus Hutchins now?

Hutchins has retreated from the public spotlight for now. Keep an eye on his Twitter, @MalwareTechBlog, for updates on what he’ll do next. From a recent interview in WIRED, it sounds like a return to his childhood love, surfing:

“Someday, I’d like to be able to live in a house by the ocean like this, where I can look out the window and if the waves are good, go right out and surf.”

The WannaCry documentary – Marcus Hutchins’ untold story

There’s much more to Marcus Hutchins’ story, in his own words. The cybersecurity hero who stopped WannaCry turned cybercrime defendant speaks in our exclusive documentary.

Explore more of history’s craziest and most mysterious cybercrime with our hacker:HUNTER series.

Read More Show Less