WannaCry hero, Marcus Hutchins, pleads guilty for writing banking malware UPAS Kit and Kronos, prior to years he started his career as malware analyst.

He is known for registering the killswitch domain in 2017 which halted the WannaCry ransomware infection process.

According to the court documents obtained by ZDNet, he pleaded guilty to two counts, one for creating and distributing malware and another count for aiding in distribution, other eight counts have been dismissed.

Hutchins faces up to five years in prison, fines up to $250,000 and up to one year of supervised release.

He published a short statement on his website

As you may be aware, I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security. I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I missed several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.

He got arrested a few months after the WannaCry attack when he was returning to the UK after attending the Def Con security conference.

During his bail time he shared his malware analysis skills with infosec community, he published various in-depth malware analysis methods including the first look of NSA Reverse Engineering Tool Ghidra.

The case was processed slowly for more than a year as many researchers unwilling to accept his role in Kronos malware campaign. The case shocked the infosec community, as he honored as a hero in stopping the WannaCry ransomware infection.