Suspect identified in CIA 'Vault 7' leak that revealed iOS and Mac exploits

Posted:
in General Discussion
U.S. officials have identified a primary suspect in the so-called "Vault 7" leak that released a massive cache of information detailing the Central Intelligence Agency's cyber tools, including software exploits targeting iPhone and Mac devices.




Citing newly unearthed court documents, The Washington Post reports government authorities believe Joshua Adam Schulte provided WikiLeaks with top-secret CIA cyberweapons and espionage tools and techniques. The former CIA employee is being held in a Manhattan jail on unrelated charges as federal prosecutors attempt to build a case worthy of filing charges.

Schulte, who left the CIA for a private sector job in 2016, worked in the agency's Engineering Development Group and was responsible for crafting code used to break into computers, smartphones and other devices owned by terrorists and other targets.

The code archive was obtained by WikiLeaks and subsequently made public as the "Vault 7" release in March 2017. Attack vectors unmasked as part of the leak ranged from iOS exploits, both physical and remote, to malware impacting Windows and Android. The latter turned smart TVs into eavesdropping devices.

Apple responded to the WikiLeaks dump in short order, saying "many" of the iOS vulnerabilities had been patched in previous software updates.

In July, a subsequent Vault 7 data dump detailed workable exploits targeting hardware running Mac OS X 10.6 Snow Leopard and OS X 10.7 Lion.

The Federal Bureau of Investigation conducted a search of Schulte's New York City apartment a week after the March WikiLeaks revelation, but found no evidence of wrongdoing. Schulte was charged last August with possession of child pornography after investigators discovered illegal content on a server he created in 2009 while a student at the University of Texas, reports The New York Times.

He pleaded not guilty, saying up to 100 people had access to the server, and was released in September under the condition that he not leave New York City or engage in computer-related activities. In December, Schulte landed back in jail after breaching those guidelines.

In a statement obtained by The Post, Schulte claims he reported "incompetent management and bureaucracy" to the CIA's inspector general and a congressional oversight committee, a move he believes cast him in a bad light. Prior to the FBI search last year, Schulte said he was planning a vacation in Cancun, Mexico, with his brother, potentially giving the appearance that he was about to flee the country.

"Due to these unfortunate coincidences the FBI ultimately made the snap judgment that I was guilty of the leaks and targeted me," Schulte said.

Comments

  • Reply 1 of 10
    nunzynunzy Posts: 662member
    He should rot for what he did.
    mike1command_f
  • Reply 2 of 10
    elijahgelijahg Posts: 2,846member
    nunzy said:
    He should rot for what he did.
    Why? The same exploits could have been discovered and used by nefarious individuals (and who’s to say the US isn’t seen that way by some) to gain access to devices. Now they’ve been released, the holes patched, so less iOS exploits for the good of everyone. 
    racerhomie3StrangeDaysmwhitechiabrian green[Deleted User]
  • Reply 3 of 10
    hentaiboyhentaiboy Posts: 1,252member
    Funny how when they can't build a case against someone they always find porn on their PCs 🤔
    StrangeDaysbrian green[Deleted User]DAalsethelijahgjony0badmonk
  • Reply 4 of 10
    racerhomie3racerhomie3 Posts: 1,264member
    Not good for consumer security.Then the FBI tells us it can keep ‘backdoors’ safe.
  • Reply 5 of 10
    StrangeDaysStrangeDays Posts: 13,101member
    released in September under the condition that he not leave New York City or engage in computer-related activities. In December, Schulte landed back in jail after breaching those guidelines.“

    ...computers now comprise the fabric of our society. that’s like asking someone not engage in electricity-related activities. absurd. 
    berndogbrian greenDAalsethelijahg
  • Reply 6 of 10
    mwhitemwhite Posts: 287member
    released in September under the condition that he not leave New York City or engage in computer-related activities. In December, Schulte landed back in jail after breaching those guidelines.“

    ...computers now comprise the fabric of our society. that’s like asking someone not engage in electricity-related activities. absurd. 
    Wrong... It can be done if you don't want to end up back in jail.
    edited May 2018
  • Reply 7 of 10
    hammeroftruthhammeroftruth Posts: 1,354member
    hentaiboy said:
    Funny how when they can't build a case against someone they always find porn on their PCs 🤔
    Maybe they knew, but covered it up. It happened in 2006. That was before they hired him. They could have blackmailed him into working for them by planting the evidence. 
  • Reply 8 of 10
    at what point did "innocent until proven guilty" disappear in western society?

    it's also laughable that they are even prosecuting and making it public, it's like a burglar breaking into a home then suing the owner because they hurt themselves on something inside (turn a blind eye to the initial lawbreaking/wrongdoing). oh wait, that does happen.
  • Reply 9 of 10
    maestro64maestro64 Posts: 5,043member
    So the FBI found some of kiddy porn on a server which the guy set up many years ago to allow people to share data (file sharing) and can not provide he put the porn on the server. They also could not find any evidences this guy took the files from CIA servers and then sent them to Wikileak.

    They also claim to track down the Russian hackers who used series of proxy and VPN servers, and the FBI is 100% sure they found the people who hacked the election as they put it. But they can not seem to find a shred of evidence this was the guy who took their precious hacking information and claim he must have used TOR which is also a series of VPN and proxy servers.

    Here is the difference, Russian hacking the FBI does not have to provide beyond a reasonable doubt the Russian were the hackers, they can make claims like this since they will never have to stand up in court and back this up. But in the US for this guy they have to stand up in a court and swear they found the right guy and they have real evidence to back up their claims.

    I have funny feeling this guy is going to be railroaded so the CIA and FBI can save face.
    patchythepirateelijahg
  • Reply 10 of 10
    lkrupplkrupp Posts: 10,557member
    One GIANT reason to keep your operating system, security patches, and apps current. People come up with the dumbest reasons for thinking they have to stay on a certain version of their OS or not apply patches because of issues they choose not to deal with. But then I read a study that indicates over half of smartphone users don’t lock their devices... ever.
    elijahg
Sign In or Register to comment.