A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. (Xinhua/REUTERS)
LOS ANGELES, Aug. 6 (Xinhua) -- Marcus Hutchins, a young British computer expert who helped shut down the WannaCry ransomware attack in May, could face a maximum of roughly 40 years in jail in the United States for writing and spreading a malicious software that targeted bank accounts.
The young cyber security expert was arrested by the FBI on August 2 after attending the Def Con hacking conference in Las Vegas, according to the website MotherBoard.
Hutchins is currently facing six counts of hacking-related charges from the United States Department of Justice (DOJ), including helping create, spreading and maintaining the banking Trojan Kronos between 2014 and 2015. If found guilty, the computer expert could face a maximum sentence of 40 years in jail in the United states, according to local media reports.
The judge at Las Vegas court ruled on Friday that Hutchins could be released on a 30,000 U.S. dollar bail, saying the defendant wasn't a danger to the community nor a flight risk, though the judge ordered him to remain in the U.S. with GPS monitoring.
Hutchins has pleaded not guilty to charges of creating and distributing the infamous Kronos banking malware and is set to be released on a 30,000 dollar bail on Monday, according to Adrian Lobo, Hutchins' defence attorney.
Since the clerk's office closed at 4:00 p.m (1100 GMT) local time, Hutchins could not get bail in time on Friday, according to the attorney, who expects Hutchins will be released on Monday but will need to appear in Wisconsin for facing the grand jury indictment on Tuesday (August 8).
"We intend to fight the case," Lobo said on Facebook Live to local reporter Christy Wilcox, at the court house. "He has dedicated his life to researching malware, not to try to harm people. He has tremendous community support, local and abroad and in the computer world."
The Kronos malware, which is spread through malicious email attachments, can be used to steal banking passwords and other credentials from infected computers.
Hutchins, known as MalwareTech on Twitter, is quite active online, but since August 2, no tweet has been posted on his account @MalwareTechBlog.
"I can confirm @MalwareTechBlog was detained yesterday and FBI/U.S. Marshalls won't tell me where he is," Andrew Mabbitt, a cyber security company founder and Hutchins' friend, tweeted on August 3, saying that he does not believe the charges against Hutchins.
"He spent his career stopping malware, not writing it," tweeted Mabbitt.
Hutchins was hailed a hero in May for discovering a "kill switch" for the WannaCry ransomware to delay its global spreading as it infected and forced hospitals, telecom providers and many other businesses worldwide to shut down.
The WannaCry ransomware encrypted files of hundreds of thousands of computers and then charged victims Bitcoins worth 300 to 600 dollars as ransom.
On the night of August 2, right after Hutchins' detention, the hackers behind the global WannaCry ransomware attack abruptly cashed out all their ransom payments within 15 minutes, though there is no indication that the two events are connected.