Attorneys for a British cybersecurity expert credited with stopping a worldwide computer virus last year told a federal judge Wednesday that the FBI agents who arrested him for allegedly creating malware used deception when interrogating him and those statements should be inadmissible.
The charge from Marcus Hutchins’ attorneys comes as they try to suppress what prosecutors say are incriminating statements Hutchins made to the agents and later during a jailhouse interview.
A grand jury indictment accuses Hutchins of creating and distributing malware known as Kronos, designed to steal banking passwords. Hutchins, 23, has pleaded not guilty.
FBI agents detained him in Las Vegas on Aug. 2 before he boarded a flight home to England and interrogated him for nearly two hours. The two FBI agents who arrested him testified Wednesday that he was properly mirandized and that he spoke to them voluntarily.
However, one of Hutchins’ attorneys argued the agents weren’t completely truthful with Hutchins and didn’t show him the indictment and charges he faced until an hour into the interrogation, which was recorded.
“That’s hiding the ball. You can’t waive rights if you hide the ball,” attorney Brian Klein said.
His attorneys have argued Hutchins didn’t fully understand Miranda warnings because he’s a foreigner and was also sleep-deprived after a week partying in Vegas.
A judge will issue a ruling on the defense’s request in a couple of weeks.
During testimony, the FBI agents contradicted themselves about when Hutchins was shown the indictment. One said it was before the interview, but another testified it was much later in the interrogation.
Although the interrogation was recorded, it doesn’t include the portion at the beginning when the agents say they advised Hutchins of his rights.
One of the prosecutors in the case said it’s clear Hutchins knew why he was being detained and pointed to a transcript of a jailhouse interview with an unidentified person who Hutchins tells, “I knew it was always going to come back,” referring to the Kronos malware he’s accused of creating.
“He knows deep down what’s going on and why he’s there,” said Michael Chmelar, an assistant U.S. attorney.
In the same call, Hutchins also relays part of what he told the FBI agents, according to the transcript:
“So I wrote code for a guy a while back who then incorporated it into a banking malware, so they have logs of that, and essentially they want to know my part of the banking operation or if I just sold the code onto some guy then they wanted me to, once then found I sold the code to someone, they wanted me to give them his name, and I don’t actually know anything about him.”
Hutchins’ arrest last August came as a shock because only four months earlier he was lauded as a cybercrime-fighting hero for finding a “kill switch” to slow the outbreak of the WannaCry virus, which crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.
The indictment said the crimes happened between July 2014 and July 2015, but prosecutors have not offered any details about the number of victims. Prosecutors also said in recent court filings that Hutchins is suspected to have sold the Kronos software to someone in Wisconsin and that he “personally delivered” the software to someone in California.
Robert Graham, a computer security expert not connected to the case, warned against concluding that Hutchins had done something wrong simply because his code wound up in malware.
“I’m not saying he didn’t cross a legal line somewhere, but the quotes (in the filing) are still consistent with somebody who is a security researcher rather than a malware kingpin,” Graham said in a text to The Associated Press.
In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization. Hutchins faces decades in prison if convicted of all the charges. He has been barred from returning home and has been living in California, where he works as a cybersecurity consultant while awaiting trial.