Marcus Hutchins, also known as MalwareTech

[seemslikeadream]

Tarah
‏

We have a trial date for @MalwareTechBlog. Marcus goes before a jury July 8th. Please support Marcus if you can by donating to his legal defense fund and spreading the word. https://www.crowdjustice.com/case/malwaretech/ …

https://twitter.com/tarah

Support MalwareTech!
by Tarah Wheeler
Legal campaign Lawyers: Zeitgeist Law PC Los Angeles, United States of America

Tarah Wheeler
Case Owner
We're friends of MalwareTech, and we want him to have the best legal defense available to him.
7
days to go
$29,147
pledged of $50,000 stretch target from 428 pledges
Pledge now
This case is raising funds for its stretch target. Your pledge will be collected within the next 24-48 hours (and it only takes two minutes to pledge!)

About the case Comments
Marcus Hutchins, also known as MalwareTech, is the hero security researcher from the United Kingdom who stopped the WannaCry ransomware that attacked computers around the world in May. In July, he was arrested at the airport by the United States FBI as he was leaving DEFCON, the annual gathering of information security researchers in Las Vegas, Nevada. Family and friends began frantically searching for him when he did not show up in the UK.

We've now found out that Marcus is being prosecuted under wiretap law and the Computer Fraud and Abuse Act--the CFAA. This United States law is notorious for its broad reach and vague language, which makes it vulnerable to creative interpretations and chills important security research. Fortunately, Marcus has an incredibly strong legal team in his corner. Marcia Hofmann is one of the most well known computer crime lawyers in the country, and is the first call of any security researcher faced with an overreaching CFAA charge. Brian Klein is a top federal criminal defense attorney who focuses on cutting-edge technology cases like Marcus's. Together they're the strongest indication that the security community believes Marcus should have the most vigorous and competent defense possible.

You can learn more about the case timeline here.

We, the information security community, and anyone who believes that Marcus Hutchins deserves the right to strong representation and a fair trial, are supporting Marcus's defense by raising funds to defray his legal expenses and fees (including experts), and doing whatever else is needed to help Marcus in his legal fight during these difficult times. This will be a long battle, but we're here all the way through. Marcus is aware of this campaign and appreciates everyone's help tremendously.

Janet Hutchins, Marcus's mom, says to you all: "'Thank you' doesn't seem enough. We have been overwhelmed by the support and generosity shown to Marcus and ourselves."

Thank you,
https://www.crowdjustice.com/case/malwaretech/

theguardian

Briton who stopped WannaCry attack arrested over separate malware claims

Marcus Hutchins arrested over his alleged role in creating Kronos malware targeting bank accounts

Sam Levin
First published on Thu 3 Aug 2017 13.57 EDT
Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden “kill switch” for the malware, has been arrested by the FBI over his alleged involvement in separate malicious software targeting bank accounts.

According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015.

The Kronos malware was spread through emails with malicious attachments such as compromised Microsoft Word documents, and hijacked credentials such as internet banking passwords to let its user steal money with ease.

Hutchins, who is indicted with another unnamed co-defendant, stands accused of six counts of hacking-related crimes as a result of his alleged involvement with Kronos. “Defendant Marcus Hutchins created the Kronos malware,” the indictment, filed on behalf of the eastern district court of Wisconsin, alleges.

He was arraigned in Las Vegas late Thursday afternoon and made no statement in court beyond mumbling one-word answers in response to a few basic questions from the judge.

A public defender noted that Hutchins had no criminal history and had cooperated with federal authorities in the past. The court-appointed attorney said Hutchins needed more time to hire a private attorney. Hutchins, who asserted his fifth amendment right to remain silent, was ordered to remain detained until another hearing on Friday.

His mother, Janet Hutchins, told the Press Association it was “hugely unlikely” that her son was involved because he has spent “enormous amounts of time” combating such attacks. She said she was “outraged” by the charges and had been “frantically calling America” trying to reach her son.

At the courthouse, a friend of Hutchins, who declined to give his name, said he was shocked to hear about the arrest.

“There’s probably a million different scenarios that could have played out to where he’s not guilty,” he said. “I’m definitely worried about him.”

The special agent in charge, Justin Tolomeo, said: “Cybercriminals cost our economy billions in loses each year. The FBI will continue to work with our partners, both domestic and international, to bring offenders to justice.”

Hutchins’ co-defendant advertised the malware for sale on AlphaBay, a darknet marketplace, the indictment alleges, and sold it two months later. The encrypted website operated like an extralegal eBay for drugs and malware, with independent sellers offering their products in exchange for payment in a number of cryptocurrencies such as bitcoin. It was not clear from the indictment if the malware was actually sold through AlphaBay.

The marketplace was shut down on 20 July, following a seizure of its servers by US and European police including the FBI and the Dutch national police. The FBI’s acting director, Andrew McCabe, said AlphaBay was 10 times as large as the notorious Silk Road marketplace at its peak.

When the site was taken down, its servers were seized, giving authorities a window into activity on the site. The operation included the arrest on 5 July of the suspected AlphaBay founder, Alexandre Cazes, a Canadian citizen detained on behalf of the US in Thailand. Cazes, 25, died a week later while in Thai custody.

22-year-old who halted global cyber-attack: ‘I’m no hero’ – video
The security researcher Ryan Kalember, from Proofpoint, says that the Kronos malware was notable for being a particularly slick, and expensive, offering. “It had nice remote administration, with a dashboard panel, and it was quite good at evading attention by antivirus products,” he said. It was sold on malware forums for prices of up to $7,000 (£5,330), according to Kalember; the indictment against Hutchins lists prices of $2,000 (£1,523) and $3,000 (£2,284).

New Kronos infections continued as late as 2016, when the malware was repurposed into a form used to attack small retailers, infecting point-of-sale systems and harvesting customers’ credit card information.

“A lot of us thought of Kronos as crimeware-as-a-service,” Kalember said, since a Kronos buyer would also be getting “free updates and support” and that “implied there’s a large group behind it”.

This could very easily be the FBI mistaking legitimate research activity with being in control of Kronos infrastructure
Ryan Kalember, security researcher
He also warned that the actions of a researcher examining the malware can look very similar to those of a criminal in charge of it. “This could very easily be the FBI mistaking legitimate research activity with being in control of Kronos infrastructure. Lots of researchers like to log in to crimeware tools and interfaces and play around.”

On top of that, for a researcher looking into the world of banking hacks, “sometimes you have to at least pretend to be selling something interesting to get people to trust you”, he said. “It’s not an uncommon thing for researchers to do and I don’t know if the FBI could tell the difference.”

On 13 July 2014, a video demonstrating the Kronos malware was posted to YouTube, allegedly by Hutchins’ co-defendant (the video was taken down shortly after Hutchins’ arrest). That same day, Hutchins tweeted asking for a sample of the malware to analyse.

Hutchins, better known online by his handle MalwareTech, had been in Las Vegas for the annual Def Con hacking conference, the largest of its kind in the world. He was at the airport preparing to leave the country when he was arrested, after more than a week in the the city without incident.

The security researcher became an accidental hero in May when he registered a website he had found deep in the code of the ransomware outbreak that was wreaking havoc around the world, including disrupting operations at more than a third of NHS trusts and bodies.

The site, it turned out, acted as a kill switch for the malware, which stopped infecting new computers if it saw that the URL had been registered.

Attendees at the Def Con 2017 hacker convention in Las Vegas in July.
Attendees at the Def Con 2017 hacker convention in Las Vegas in July. Photograph: Steve Marcus/Reuters
When WannaCry first appeared, in early May, it spread rapidly, infecting hundreds of thousands of computers worldwide in less than a day, encrypting their hard drives and asking for a ransom of $300 in bitcoin to receive the decryption key. It moved particularly quickly through corporate networks thanks to its reuse of a security exploit, called EternalBlue, first discovered by the NSA before being stolen and leaked by an allegedly Russian-linked hacking group called the Shadow Brokers.

Both US and UK intelligence agencies later linked the malware outbreak to North Korean state actors, who have become bolder in recent years in using cyber-attacks to raise revenue for the sanction-laden state.

Hutchins was recently given a special recognition award at the cybersecurity celebration SC Awards Europe for halting the WannaCry malware. The malware ended up affecting more than 1m computers, but without Hutchins’ apparent intervention, experts estimate that it could have infected 10-15m.

Hutchins’ employer, the cybersecurity firm Kryptos Logic, had been working closely with US authorities to help them investigate the WannaCry malware. Hutchins handed over information on the kill switch to the FBI the day after he discovered it, and the chief executive of the firm, Salim Neino, testified in front of the US House of Representatives committee on science, space and technology the following month.

“The largest success, though incomplete, was the ability for the FBI and NCSC of the United Kingdom to aggregate and disseminate the information Kryptos Logic provided so that affected organizations could respond,” Neino told the committee.

Hours after Hutchins was arrested by the FBI, more than $130,000 (£100,000) of the bitcoin ransom taken by the creators of WannaCry was moved within the bitcoin network for the first time since the outbreak. There is nothing to suggest the withdrawal, which appears to have moved the coins into a “mixer”, a digital money-laundering system, is connected to the arrest of Hutchins.

Dan Hernandez contributed reporting

• This article was amended on 9 August 2017. An earlier version said a video demonstrating the Kronos malware was posted on 13 June. This has been corrected to 13 July 2014.
https://www.theguardian.com/technology/ ... ined-in-us

arstechnica

MalwareTech loses bid to suppress damning statements made after days of partying

Researcher said statements he made after taking intoxicating substances should be thrown out.

Dan Goodin - 2/13/2019, 6:19 PM
Then-23-year-old security researcher Marcus Hutchins in his bedroom in Ilfracombe, UK, in July 2017, just weeks before his arrest on malware charges.
Enlarge / Then-23-year-old security researcher Marcus Hutchins in his bedroom in Ilfracombe, UK, in July 2017, just weeks before his arrest on malware charges.
Chris Ratcliffe/Bloomberg via Getty Images
Marcus Hutchins, the widely acclaimed security researcher charged with creating malware that sold for thousands of dollars on the Internet, has lost his bid to suppress self-incriminating statements he made following days of heavy partying at the 2017 Defcon hacker convention in Las Vegas.

Hutchins—who, under the moniker MalwareTech, unwittingly helped neutralize the virulent WannaCry ransomware worm—was charged with developing the Kronos banking trojan and an advanced spyware program known as the UPAS Kit. The then-23-year-old UK citizen was arrested in August 2017 at McCarran International Airport as he was about to fly home. He had spent the previous week attending the Black Hat and Defcon conferences. Hutchins has pleaded not guilty to the charges.
According to court documents, federal agents questioned Hutchins in an airport interview room shortly after he was arrested. When asked about his involvement in developing malware, the court records show, Hutchins grew visibly confused about the purpose of the interrogation. Eventually, prosecutors said, Hutchins acknowledged that, when he was younger, he wrote code that ended up in malware, but he denied that he had developed the malware itself. After reviewing some source code produced by the agents, Hutchins asked if the investigators were looking for the developer of Kronos. Hutchins then told the interrogators he didn't develop Kronos and had "gotten out" of writing code for malware before he turned 18.

Allegedly, Hutchins then said he had feared law enforcement authorities would pursue him instead of the actual developer, because pieces of his code appeared in Kronos and that implicated him in the investigation into its creation. Still, he continued to voice confusion about why he was being detained. Almost 80 minutes into the interrogation, agents finally provided Hutchins with his arrest warrant and told him it had nothing to do with WannaCry. During the remainder of the interview, which lasted for another 20 minutes, Hutchins continued trying to be helpful but again noted he had been "out" of "blackhat" hacking for so long that he didn't have any useful information.

Jailed

Hutchins was then taken to jail, where he made two phone calls. Despite being informed the calls were subject to monitoring and recording, Hutchins allegedly "made incriminating statements," court records showed, without elaborating.

In a motion filed in US District Court for the Eastern District of Wisconsin, attorneys for Hutchins moved to suppress the statements and any evidence that may have been obtained as a result of them. Hutchins' grounds are that he didn't waive his Miranda rights against self-incrimination and that his intoxication and limited understanding of the US criminal procedural system made it impossible for him to voluntarily waive those rights.

In a ruling issued Monday, US District Judge J.P. Stadtmueller of the Eastern District of Wisconsin denied the motion. The 32-page decision cited Hutchins' own acknowledgment that he was read his Miranda rights, although the ruling noted there was insufficient evidence to establish if Hutchins received his rights at the beginning of the interrogation. The judge also noted that FBI agents testified under oath that the rights were issued at the beginning of the interrogation.

"In light of Hutchins's admission that he received his Miranda rights, and in light of the agents' corroborating testimony that this occurred before the interrogation, as well as the lack of any indication of when else he may have received them, the court finds that Hutchins was sufficiently apprised of his rights before the interrogation," Judge Stadtmueller wrote.

Hungover? Maybe. Drunk? No.

The judge went on to rule that there were sufficient grounds to find Hutchins's waiver of rights was voluntary. While intoxication, exhaustion, or physical discomfort can all be reasons a waiver might not be considered voluntary, Stadtmueller said it was unlikely Hutchins' alleged impairment significantly factored into his ability to give a voluntary waiver or to make him more susceptible to coercive interrogation practices.

The FBI agents, the judge said, monitored Hutchins continually since the beginning of the day of his arrest to ensure he was sober when he was detained. They then walked him to two separate locations inside the airport and engaged him in conversations to assess whether he was intoxicated.

"Hutchins appeared to be alert, engaged, coordinated, and coherent," Stadtmueller wrote. "There is no evidence in the record to the contrary. There is also no evidence, nor does Hutchins claim, that he was under the influence of drugs that day—only that he was exhausted. But a terrible hangover alone does not, as a matter of law, render someone unable to exercise or waive their Miranda rights. This factor does not weigh in Hutchins's favor."

Judge Stadtmueller went on to rule against Hutchins' claim that he was unable to make a voluntary waiver because of his unfamiliarity of suspect rights in US criminal proceedings. The judge also said Hutchins had failed to meet his burden of presenting "clear and convincing evidence" that FBI agents misled him about the true intentions of the interrogation. Hutchins, the judge said, received his Miranda rights and understood he was under arrest for alleged criminal activity that somehow related to Kronos.

What's more, Stadtmueller said, even though the FBI agents didn't present the warrant at the outset, the interrogation lasted another 20 minutes. During that time, Hutchins continued to consent to searches and answer questions.

The judge went on to acknowledge that it wasn't always clear whether Hutchins understood or remembered the criminal charges against him. "At one point in the interrogation, he made a comment that showed that he did not realize he had even been indicted." But ultimately, Stadtmueller said the scope of the questions should have put Hutchins on notice about the true purpose of the interview.

FBI agents rebuked but ultimately excused

The judge did go on to rebuke the agents for failing to meet their obligation under the Federal Rules of Criminal Procedure to tell Hutchins precisely why he was arrested.

"There is certainly an element of deception to this set of events that the court does not endorse," Stadtmueller wrote. The judge continued later:

The court is concerned by the abject failure of the agents to abide by the Federal Rules of Criminal Procedure 4(c), but their obvious interest in Kronos—including providing Hutchins with a string of code related to kronos—leads the court to conclude that there is not clear and convincing evidence that they acted with intent to deceive.

...

Under the totality of the circumstances—considering Hutchins's exhausted state, his unfamiliarity with the American criminal procedure system, his high level of intelligence, and the lack of material deception, there is an insufficient basis for the Court to find that Hutchins's statements were involuntary. It is wholly improper that he was not provided with a warrant immediately upon arrest. But in light of the record of the post-arrest interrogation, the government has met its burden in proving that the waiver was voluntary.

In the same decision, Stadtmueller denied motions by Hutchins that various counts in a superseding indictment be dismissed for a variety of different reasons.
Monday's decision is the second time Hutchins' motions to suppress and dismiss counts have been denied. Magistrate Judge Nancy Joseph, also of the US District Court for the Eastern District of Wisconsin, issued a report earlier that recommended denying all motions on largely the same grounds.

Based on the court ruling, it appears likely the statements and any evidence they produced will now be in force while the case proceeds through lower court. The denial to suppress the statements is likely to come as a blow to Hutchins' supporters. During the days before his arrest, Hutchins' Twitter account chronicled a life of partying and night clubs that isn't uncommon for people attending Black Hat and Defcon.

If the Twitter account accurately portrays how Hutchins spent his time in the days leading up to his arrest, it's not hard to see how the combination of extreme fatigue, unfamiliar surroundings, and youth might have contributed to a costly lapse in judgement that could follow him for years to come.
https://arstechnica.com/tech-policy/201 ... -partying/

[seemslikeadream]

Stadtmueller: He'll have to be processed in England. He'll be subject to probation's jurisdiction. Nothing in judgement require he stay in US. I'm seeking to avoid him being atken into custody by ICE. We don't need any more publicity or another statistic.

Marcus Hutchins, malware researcher and ‘WannaCry hero’, sentenced to supervised release
60 mins ago

MILWAUKEE, WI. — Marcus Hutchins, the malware researcher who became known as an “accidental hero” for stopping the WannaCry ransomware attack in 2017, has been sentenced to supervised release for one year on charges of making and selling the Kronos banking malware.

Presiding Judge J. P. Stadmueller described Hutchins, 25, as a “talented” but “youthful offender” in remarks in court Friday.

The judge said Hutchins’ time had been served and will face no time in jail.

“It’s going to take the people like [Hutchins] with your skills to come up with solutions because that’s the only way we’re going to eliminate this entire subject of the woefully inadequate security protocols,” said Stadmueller.

The judge said he look into account Hutchins’ age at the time of the offenses, and gave him credit for “turning a corner” in his life before charges were brought.

Stadmueller said his sentence is likely, however, to bar him from re-entering the United States.

In a statement, Hutchins said he made some “bad decisions” as a teenager. “I deeply regret my conduct and the harm that was caused,” he said.

“I have no desire to go back to that life,” he said, and apologized to the victims of the malware he created.

Hutchins, a British citizen who goes by the online handle @MalwareTech, was arrested in Las Vegas by federal marshals in August 2017 while boarding a flight back to the U.K. following the Def Con security security conference. The government alleged in an indictment that he developed Kronos, a malware that steals banking credentials from the browsers of infected computers. The indictment also accused him of developing another malware known as the UPAS Kit. Hutchins was bailed on a $30,000 bond.

Since his indictment, he had been living in Los Angeles.

Hutchins initially denied creating the malware. But after prosecutors filed a superseding indictment, he later pleaded guilty to the two primary counts of creating and selling the malware. Eight remaining charges were dropped following his change in plea.

Prosecutors said Hutchins faced up to 10 years in prison and a maximum $500,000 fine.

In a statement following his guilty plea, he said he regretted his actions and accepted “full responsibility for my mistakes.”

Prosecutors said although Hutchins and an accomplice had generated only a few thousand dollars from selling the malware, Kronos allowed others to financially benefit from using the malware.

Hutchins’ indictment came four months after he was hailed as a hero for registering a domain name that stopped the spread of the WannCry cyberattack, which knocked tens of thousands of computers offline with ransomware in a few hours.

The ransomware attack, later blamed on North Korean hackers, spread across Ukraine, Europe and the U.K., encrypting systems and knocking businesses and government departments offline. The U.K.’s National Health Service NHS was one of the biggest organizations hit, forcing doctors to turn patients away and emergency rooms to close. Hutchins, who at the time of the attack worked for Los Angeles-based Kryptos Logic from his home in the south of England, registered the domain in an effort to understand why the ransomware was spreading. It later transpired the domain acts as a “kill switch” and stopped it dead in its tracks.

In the week after, the kill switch became the target of powerful botnets hoping to knock the domain offline and spark another outbreak.

Hutchins told TechCrunch last month that the WannaCry attack was one of the most stressful and exhausting moments in his life.

Since the attack, however, Hutchins received additional acclaim for his malware research on new infections and botnet activities. He has been praised for live-streaming his work so others can learn how to reverse engineer malware. Many in the security community — and further afield — have called on the court to grant Hutchins clemency for his recent concerted efforts to protect users from security threats.

Prosecutors acknowledged Hutchins’ reformed character in a sentencing memo filed this week, saying Hutchins has “since made a good decision to turn his talents toward more positive ends.”

When reached, a Justice Department spokesperson deferred comment to the U.S. Attorney’s Office for the Eastern District of Wisconsin, which did not immediately comment.
https://techcrunch.com/2019/07/26/marcu ... ed-kronos/

emptywheel

Victory toast.

AFTER TWO YEARS, MALWARETECH IS A FREE MAN

July 26, 2019/3 Comments/in Cybersecurity /by emptywheel


If you’ve been following my Twitter account, you already know the Happy Ending: Marcus Hutchins just walked out of Milwaukee’s Federal Courthouse a free man. While he might have faced up to fourteen months in prison, Judge JP Stadtmueller sentenced Hutchins to time served and a year of probation.

The legal battle, by Brian Klein and Marcia Hofmann, was won in sealed sentencing motions and a short exchange at the beginning of the hearing, significantly an exchange persuading the judge there should be no sentencing enhancement for the damage done. In spite of the fact that the government’s sentencing memo confirmed what had been clear all along: virtually all the identified victims were overseas, especially in Hutchins’ home in the UK, which made it pretty crazy the US was prosecuting him and Britain was not. Nevertheless, the government tried to substantiate a claim of $47 to $60,000 by scraping one of the dark web sites where malware based on the code he wrote had been sold. “The loss exists but it’s very difficult to pin down,” prosecutor Ben Proctor admitted.

Hofmann insisted it’s the government’s burden to substantiate loss, and what they had done in an attempt to do so was too speculative.

Stadtmueller agreed. But his views on loss focused more on comparing the government’s uncertain numbers with the known damage of WannaCry, which Hutchins had managed to tame by creating a sinkhole for it. “When it comes to matter of loss or gain,” Judge Stadtmeuller said, “the most striking is comparison between you passing Kronos and WannaCry, if one looks at loss & numbers of infections, over 8B throughout world w/WannaCry, and >120M in UK.”

And that decision made Hutchins eligible for probation. In any case, Stadtmeuller noted in a comparison from the single other CFAA charged he presided over in his 30+ year career as a judge, sentencing guidelines are now mandatory.

When Stadtmueller noted that had this case been tried closer to the time when Hutchins stopped WannaCry, he’d have gotten cooperation credit for that act, and when he noted that this case shouldn’t have proceeded for 17 months, it became clear (as had the single order he had submitted in the case before today) he was really struggling to understand why the hell the government had decided to prosecute the guy who had shut down WannaCry.

Stadtmueller, a 77-year old senior judge, several times described how insecure everything digital is, how the protocols for security cyberspace are woefully inadequate. Stadtmueller repeatedly noted that everyone agreed that Hutchins had given up criminal hacking well before these charges. That helped Stadtmueller to ignore the government’s claims about needing a deterrent. The judge described the community of people who love and support Hutchins — not just his family but also the cybersecurity community (some of whom submitted letters in support describing what a great person he is and the import of his actions on WannaCry). He noted how many of those people also, like Hutchins, worked to secure the Internet.

Hutchins gave a statement that went roughly like this:

Your honor when I was a teenager I made series of bad decisions. I deeply regret the conduct and the harm which resulted. I eventually discontinued but wish I could go back. I now work in cybersecurity stopping same kinds of malware. [Comment about creating training videos] I do this in hopes i can steer people away from my mistakes. Future reinforces that I have no plan to go back, I’d like to dedicate more time to teaching next generation of security experts. I’d like to apologize to victims, those who learned of my past, my family.

After a half-hearted attempt from Proctor to emphasize the theft enabled by Hutchins’ malware, Stadtmueller then started a long speech, one that started by noting that of the 2,200 defendants whose sentencing he had overseen in 32 years, Hutchins’ was unique because, “one might view ignoble conduct against backdrop as work a hero, a true hero. That is, at the end of the day, what gives this case it’s uniqueness.” He emphasized we need people like Hutchins to help secure the Internet. “It’s going to take individuals like yourself who have skillset to come up with solutions, bc that is the only way we’re going to eliminate this subject of woefully inadequate security protocols for entire panoply of infotech systems.”

The judge them emphasized that, on top of everything else, Hutchins had been away from home for two years.

That’s when what every lawyer watching in the courtroom I spoke with called unprecedented. The Judge suggested Hutchins should get a pardon, which would enable him to come back to the US to work. “While court has no pardon power, matter reserved to the executive. Truly left for another day.”

He then imposed Hutchins’ sentence. “We reach a point in balancing these considerations, court left to make final call. Final call is a sentence of time served with one year of supervised release.” He went on to make it clear that, once Hutchins finishes packing up his life in LA, he wanted to be sure that Immigration doesn’t get custody. “Nothing in this judgement requires he stay in the United States. I’m seeking to avoid him being taken into custody by Immigration and Customs. We don’t need any more publicity or another statistic.”

“Thank you your honor,” said as the rest of the bureaucratic details of probation were discussed.

This case should never have been prosecuted in the first place. And when Hutchins tried to challenge the details of the case — most notably the one largely ceded today, that the government really doesn’t have evidence that 10 computers were damaged by anything Hutchins did — the government doubled down and issued a superseding indictment that, because of the false statements charge, posed a real risk of conviction.

Thankfully, one judge saw exercised justice the way it’s supposed to work, even if it took two years to get here.
https://www.emptywheel.net/2019/07/26/a ... -free-man/