| 6.1°C Belfast

British cyber expert’s lawyer says FBI deceived him

Marcus Hutchins is accused of creating and distributing malware known as Kronos.


British cyber-security expert Marcus Hutchins (Frank Augstein/AP)

British cyber-security expert Marcus Hutchins (Frank Augstein/AP)

British cyber-security expert Marcus Hutchins (Frank Augstein/AP)

Lawyers for a British cybersecurity expert credited with stopping the worldwide WannaCry computer virus have told a US court that the FBI agents who arrested him for allegedly creating malware used deception when interrogating him.

The charge from Marcus Hutchins’s lawyers comes as they try to suppress what prosecutors say are incriminating statements Hutchins made to the agents and later during an interview in jail.

A grand jury indictment accuses Hutchins of creating and distributing malware known as Kronos, designed to steal banking passwords. Hutchins, 23, has pleaded not guilty.

FBI agents detained him in Las Vegas on August 2 before he boarded a flight home to England and interrogated him for nearly two hours.

The two FBI agents who arrested him testified that he was given the proper Miranda rights and that he spoke to them voluntarily.

You can't waive rights if you hide the ballLawyer Brian Klein

However, one of Hutchins’s lawyers argued the agents were not completely truthful with Hutchins and did not show him the indictment and charges he faced until an hour into the interrogation, which was recorded.

“That’s hiding the ball. You can’t waive rights if you hide the ball,” lawyer Brian Klein said.

His lawyers have argued Hutchins did not fully understand Miranda warnings because he is a foreigner and was also sleep-deprived after a week partying in Vegas.

A judge will issue a ruling on the defence’s request for the statements to be inadmissible in a couple of weeks.

During testimony, the FBI agents contradicted themselves about when Hutchins was shown the indictment. One said it was before the interview, but another testified it was much later in the interrogation.

Although the interrogation was recorded, it does not include the portion at the beginning when the agents say they advised Hutchins of his rights.

One of the prosecutors in the case said it is clear Hutchins knew why he was being detained and pointed to a transcript of a jail interview with an unidentified person who Hutchins tells, “I knew it was always going to come back,” referring to the Kronos malware he is accused of creating.

“He knows deep down what’s going on and why he’s there,” said Michael Chmelar, an assistant US lawyer.

In the same call, Hutchins also relays part of what he told the FBI agents, according to the transcript:

“So I wrote code for a guy a while back who then incorporated it into a banking malware, so they have logs of that, and essentially they want to know my part of the banking operation or if I just sold the code onto some guy then they wanted me to, once then found I sold the code to someone, they wanted me to give them his name, and I don’t actually know anything about him.”

Hutchins’s arrest last August came as a shock because only four months earlier he was lauded as a cybercrime-fighting hero for finding a “kill switch” to slow the outbreak of the WannaCry virus, which crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom.

The indictment said the crimes happened between July 2014 and July 2015, but prosecutors have not offered any details about the number of victims. Prosecutors also said in recent court filings that Hutchins is suspected to have sold the Kronos software to someone in Wisconsin and that he “personally delivered” the software to someone in California.

In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorisation.

Hutchins faces decades in prison if convicted of all the charges. He has been barred from returning home and has been living in California, where he works as a cyber-security consultant while awaiting trial.