Marcus Hutchins' efforts to stop the spread of WannaCry malware just helped him avoid prison time. Judge JP Stadtmueller has sentenced Hutchins to a year of supervised release after he pleaded guilty to creating and distributing Kronos banking malware. He was a teen when he committed the offenses, according to the judge, and he was "turning a corner" before he faced charges. Hutchins acknowledged that he'd made "bad decisions" and that he had "no desire" to slip back into a life of online crime.
There could still be serious consequences. Although Hutchins has been living in Los Angeles since the charges came to pass, Stadtmueller warned that the sentence will likely prevent the security researcher from re-entering the US.
This isn't likely to satisfy people who argued Hutchins should avoid any punishment given his efforts. It's still good news for him, though, and may help the security industry at large. On top of snapping up the kill switch domain that halted WannaCry, Hutchins has also conducted important research on botnets and malware infections. He even livestreams some efforts to show how you can reverse-engineer malware and develop effective counters. Those efforts will continue now that Hutchins is effectively free, even if there are conditions attached.