A British man who was credited with stopping a worldwide WannaCry ransomware attack last year, faces new federal charges for allegedly creating malware and lying to the FBI.
Federal prosecutors in Milwaukee charged Marcus Hutchins with four additional counts on Wednesday related to the creation of malware. The superseding indictment includes six charges filed against him last year.
Hutchins, who ran a security blog called MalwareTech, is accused of creating a malware known as UPAS Kit and distributing it with another person.
UPAS Kit, created in 2012, was allegedly marketed to "install silently and not alert antivirus engines," and would collect personal information from protected computers, according to a court document.
The new charges are in addition to charges filed against Hutchins last year for allegedly creating the malware Kronos in 2014 and 2015. Kronos also took personal identification from protected computers, according to the court documents. He is accused of conspiracy to defraud the US, computer fraud, lying to the FBI and the manufacture, distribution, possession and advertisement of an intercept device.
Hutchins' attorney said he expects his client to be cleared of all charges.
"We are disappointed the government has filed this superseding indictment, which is meritless," said his lawyer Brian Klein, in an email to CNNMoney. "
"It only serves to highlight the serious flaws in this prosecution," he said. "We expect Marcus to be vindicated and then he can return to doing what he loves: keeping us all safe from malicious software."
Hutchins was originally arrested in Las Vegas last year and posted $30,000 bond. He pleaded not guilty. He is living in Los Angeles, according to his lawyer.
Hutchins was regarded as a hero prior to his arrest, when he helped stop a WannaCry cyberattack that targeted 150 countries. The ransomware locked down computers and demanded $300 to get files back. It crippled businesses and forced some hospitals in the United Kingdom to turn away patients.
Hutchins, while working as a malware researcher at the Kryptos Logic security firm, developed a killswitch to stop the virus from spreading.