Marcus Hutchins, 24, has pleaded guilty to two charges related to writing malware - or malicious software - court documents show.
Writing on his website, Hutchins said he regretted his actions and accepted "full responsibility for my mistakes".Hutchins has been held in the US since he was arrested by the FBI in 2017.
"As you may be aware, I've pleaded guilty to two charges related to writing malware in the years prior to my career in security," he wrote on his website.
"I regret these actions and accept full responsibility for my mistakes.
"Having grown up, I've since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks."
Hutchins, from Ilfracombe in Devon, was credited with stopping the WannaCry malware which was threatening the NHS and other organisations in May 2017.
But he was arrested at Los Angeles Airport in August of that year as he travelled home from a conference in the US.FBI agents arrested Hutchins on 2 August 2017 at Las Vegas's McCarran International Airport as he started his journey home after attending the Def Con hacker conference.