MILWAUKEE (AP) — The arraignment planned for Tuesday of a British cybersecurity researcher, who was arrested last week in Las Vegas on federal charges that he created and distributed a malware program to obtain banking passwords from unsuspecting computer users, has been postponed until next week.
The court date for Marcus Hutchins, 23, of Ilfracombe, England, was reset for Aug. 14 in U.S. District Court in Milwaukee, according to Elizabeth Makowski, a spokeswoman for the U.S. attorney’s office.
Hutchins was released Monday from a jail outside Las Vegas, where he had been held following his arrest last week at McCarran International Airport on his way home from the Def Con computer security convention in Las Vegas.
Prison spokeswoman Kayla Gieni said Tuesday that jailers at the Nevada Southern Detention Center outside Las Vegas no longer knew where Hutchins was. Makowski also did not know where Hutchins is now.
Electronic Frontier Foundation general counsel Kurt Opsahl said Monday he was awaiting word that bail had been posted and that Hutchins had been released from federal custody. The foundation, a digital civil-liberties nonprofit, was helping Hutchins obtain legal counsel.
Hutchins’ attorney in Las Vegas, Adrian Lobo, didn’t immediately respond to telephone and email messages from The Associated Press.
Hutchins is facing six federal charges dating to 2014, including conspiracy to commit computer fraud. He is accused of creating and distributing malicious software called Kronos designed to steal banking passwords.
Hutchins was credited with helping in May to curb the spread of WannaCry ransomware during an attack that crippled thousands of computers worldwide.
U.S. Magistrate Judge Nancy Koppe in Las Vegas on Friday set Hutchins’ bail at $30,000. The judge ruled that Hutchins was not a danger to the community and wasn’t a risk not to appear for future court proceedings.
But Koppe ordered Hutchins to surrender his passport and not use any device that has access to the internet. She restricted Hutchins’ travel to Nevada’s Clark County and, for court purposes, to Milwaukee. He was also ordered to stay at a halfway house until he secures a residence, where he would be subject to home detention and would have to wear an ankle-monitoring bracelet.
Hutchins did not enter a plea at Friday’s hearing. Other charges he faces are distributing and advertising an electronic communication interception device, attempting to intercept electronic communications and trying to access a computer without authorization. He could face decades in federal prison if he is convicted.
The indictment filed last month in Milwaukee alleges that Hutchins and another defendant, whose name was redacted, conspired between July 2014 and July 2015 to advertise, sell and profit from the Kronos banking Trojan malware.
Hutchins is accused of creating the malware and enabling cybertheft by spreading a program that can infect web browsers and capture usernames and passwords.
Hutchins has support in the information-security community, where some call him a principled, ethical hacker.
His mother, Janet, said it was unlikely that her son was involved in illegalities because he spends much of his time combatting malware attacks.
In May he was credited with discovering a so-called “kill switch” that slowed the unprecedented WannaCry outbreak, and with continuing for several days to fight the worm that crippled British hospitals and factories, government agencies, banks and other businesses around the world.
Though Hutchins previously worked under the alias MalwareTech, cracking WannaCry led to the loss of his anonymity and propelled him to cyber stardom, public appearances and a $10,000 cash prize that he said he planned to donate to charity.
He told The Associated Press at the time that he didn’t think he would ever return to being the “MalwareTech” that everyone knew.