Marcus Hutchins, 24, from Ilfracombe, Devon, who is also known as Malwaretech, said he had admitted two charges relating to writing malware.
The cyber expert was hailed as a hero in May 2017 when he found a “kill-switch” that slowed the effects of the WannaCry virus that hit more than 300,000 computers in 150 countries.
Hutchins was arrested by FBI agents in a first-class lounge at McCarran International Airport in Las Vegas as he waited to board a flight back to the UK on August 2 2017.
He had been in the US to attend the Def Con hacking convention. Documents from a court in Wisconsin say Hutchins helped create and sell “malicious computer code” known as Kronos.
It said: “The malware was designed to target banking information and to work on many types of web browsers, including Internet Explorer, Firefox, and Chrome.
“Since 2014, Kronos has been used to infect numerous computers around the world and steal banking information.”
Both counts carry maximum punishments of five years in prison and fines of up to 250,000 dollars (£190,000).
Hutchins has told the Press Association that sentencing is “yet to be scheduled”.
In a statement on his website, Hutchins wrote: “I regret these actions and accept full responsibility for my mistakes.
“Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes.
“I will continue to devote my time to keeping people safe from malware attacks.”