He added, "Also, the UK intelligence services vetted him – a year ago? I can't remember. Gosh, imagine if they knew he used online forums."
Also, the UK intelligence services vetted him - a year ago? I can't remember. Gosh, imagine if they knew he used online forums ?— Kevin Beaumont (@GossiTheDog) 5 September 2017
Krebs wrote a long article about Hutchins, concluding: "The clues suggest that Hutchins began developing and selling malware in his mid-teens — only to later develop a change of heart and earnestly endeavour to leave that part of his life squarely in the rearview mirror."
Another security researcher, who uses the pseudonym x0rz, said in a tweet: "He (Hutchins) did have fun trying to learn when he was young, maybe he did resell malware – yet it has nothing to do with Kronos."
He did have fun trying to learn when he was young, maybe he did resell malware - yet it has nothing to do with Kronos— x0rz (@x0rz) 5 September 2017
A third researcher, Robin Jackson, had this to say: "I respect @briankrebs but his exercise in "doxing" Marcus did nothing to show validity of the charges (by his own admission)...NOTHING."
And yet another well-known infosec figure, Rob Graham, issued a long thread of tweets, starting out with this: "1/ That @MalwareTechBlog is the 'wrong guy' was never the narrative. The narrative is that we stand behind members of our community."
He followed up with this: "2/ People are innocent until proven guilty. We should not expel him as a pariah until he's been proven guilty."
3/ In particular, we are often misunderstood and the FBI is often abusive. For example, they questioned him for 2 days without a lawyer.— Rob Graham٩(●̮̮̃●̃) (@ErrataRob) 5 September 2017
Hutchins, who gained the attention of the world when he stopped the spread of the WannaCry ransomware by accident in May, was arrested by the FBI in Las Vegas on 2 August after he had boarded a plane to leave the US.
He had gone to the US to attend the annual DEFCON security conference.
The chargesheet against him said he had written and helped distribute Kronos along with an unnamed co-conspirator.
Leaving all these numerous traces about other small stuff over years, but nothing about Kronos, is, if anything, a positive for him anyway.— SwiftOnSecurity (@SwiftOnSecurity) 6 September 2017