Hutchins, hailed a hero for stopping an NHS cyberattack in May, was arrested in the US over malware used to harvest bank details.
Marcus Hutchins, 23, plans to plead not guilty to all six counts he faces regarding the creation and distribution of the Kronos malware, his lawyer said after his hearing in a Las Vegas court.
Earlier, a prosecutor told the court that Hutchins had admitted in a police interview that he created the code for the malware.
He has been bailed under the condition that he pays $30,000 (£23,000) and that he stays in the US.
Hutchins, from Ilfracombe, Devon, gained worldwide attention for detecting a « kill switch » that effectively disabled the WannaCry worm in May.
The attack crippled the NHS and infected hundreds of thousands of computers worldwide, causing disruption at car factories, hospitals, shops and schools in more than 150 countries.
The current case in Las Vegas is unrelated to the WannaCry attack that struck the NHS, the US Justice Department has said.
Hutchins was arrested at the city’s McCarran International Airport after he tried to fly back from the Def Con hacking conference, according to a friend in the IT security industry.
Court filings accuse Hutchins, known online as MalwareTech, of advertising, distributing and profiting from malware code known as Kronos that stole online banking credentials and credit card data.
Such malware infects web browsers, then captures usernames and passwords when an unsuspecting user visits a bank’s website or another trusted location.
The suspected activity took place between July 2014 and July 2015, according to the court documents.
