Marcus Hutchins, 23, has been charged with six counts of creating and distributing malware known as Kronos.
Hutchins made a telephone call from jail hours after his arrest last August to an unidentified individual - which was recorded and filed by US prosecutors, according to court documents.
He said he had written code as a youngster which was turned into malicious software that prosecutors say harvested banking details.
According to court documents seen by The Washington Post, Hutchins said in the phone call: 'So I wrote code for a guy a while back who then incorporated it into a banking malware, so they have logs of that, and essentially they want to know my part of the banking operation or if I just sold the code on to some guy... once they found I sold the code to someone, they wanted me to give them his name, and I don't actually know anything about him.'
The cyber security expert also said logs of an online chat showed he had given software called 'compiled binary' to someone 'to repay a debt' of 'about five grand'.
He denies the charges and his lawyers argue the call is inadmissible as evidence as he had been 'coerced' by investigators.
The debt had arisen after he suffered a software malfunction while holding Bitcoin for another person.
As a result of the issue he lost some of the cryptocurrency.
Hutchins, also known as Malwaretech, also said in the phonecall: 'I think the coding part I was less than 18, but I think giving him the binary I might have been older than 18.'
He added: 'I knew it was always going to come back, I just didn't think it would be so soon.'
Hutchins, of Ilfracombe, Devon, was arrested in a first-class lounge at McCarran International Airport in Las Vegas as he waited to board a flight back to the UK on August 2 2017.
He helped shut down the global WannaCry cyber attack - which targeted the NHS - in May 2017.
The cyber expert was hailed as a hero when he found a 'kill-switch' that slowed the effects of the virus that hit more than 300,000 computers in 150 countries.
The investigation into the banking malware predates that attack and is completely unrelated, officials said.
An indictment from July 2017 says Hutchins created the Kronos malware before conspiring with another defendant, whose name has been redacted, to advertise and sell it on internet forums.
The unnamed defendant sold the software for 2,000 dollars (£1,500) in a digital currency, according to the charges that cover a period between July 2014 and July 2015.
Hutchins is due to appeal for the telephone call transcript, along with post-arrest statements, to be suppressed from legal proceedings at a hearing on Wednesday.
Lawyers argue that during questioning 'the government coerced Mr Hutchins, who was sleep-deprived and intoxicated, to talk'.
They argue that, as he is a British citizen he did not sufficiently understand warnings given over how comments he made may affect his case.