FILE - This Monday, May 15, 2017, file photo shows British IT expert Marcus Hutchins, branded a hero for slowing down the WannaCry global cyberattack, during an interview in Ilfracombe, England. On Friday, Aug. 4, 2017, a computer law expert described the evidence so far presented to justify Hutchins' arrest in Las Vegas earlier in the week for allegedly creating and selling malicious banking software, as being problematic.
MILWAUKEE — A British cybersecurity researcher credited with helping curb a recent worldwide ransomware attack is expected in court Monday to hear federal charges accusing him of creating malicious software to steal banking information three years ago.
Marcus Hutchins could enter a plea during the hearing in Wisconsin federal court, where prosecutors charged him and an unnamed co-defendant with conspiring to commit computer fraud in the state and elsewhere. Authorities arrested the 23-year-old man on Aug. 2 at McCarran International Airport in Las Vegas, where he was going to board a flight to his home in Ilfracombe, England. He had been in Las Vegas for a cybersecurity convention.
Hutchins is free on $30,000 bail, but with strict conditions. He must wear an ankle monitor and stay at a halfway house or under house arrest in Las Vegas until his Monday hearing. A judge also ordered him to surrender his passport and barred him from using any device with access to the internet.
Hutchins' attorney, Adrian Lobo, has not responded to several phone messages from The Associated Press over the last week.
The legal troubles Hutchins faces are a dramatic turnaround from the status of cybercrime-fighting hero he enjoyed four months ago when he found a "kill switch" to slow the outbreak of the WannaCry virus. It crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.
Prosecutors allege that before Hutchins won acclaim he created and distributed a malicious software called Kronos to steal banking passwords from unsuspecting computer users. In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization.
The indictment says the crimes happened between July 2014 and July 2015, but the court document doesn't offer any details about the number of victims. Prosecutors have not said why the case was filed in Wisconsin. The name of Hutchins' co-defendant is redacted from the indictment.
Hutchins faces decades in prison if convicted on all the charges.