Suspect identified in CIA 'Vault 7' leak that revealed iOS and Mac exploits


U.S. officials have identified a primary suspect in the so-called "Vault 7" leak that released a massive cache of information detailing the Central Intelligence Agency's cyber tools, including software exploits targeting iPhone and Mac devices.

Citing newly unearthed court documents, The Washington Post reports government authorities believe Joshua Adam Schulte provided WikiLeaks with top-secret CIA cyberweapons and espionage tools and techniques. The former CIA employee is being held in a Manhattan jail on unrelated charges as federal prosecutors attempt to build a case worthy of filing charges.

Schulte, who left the CIA for a private sector job in 2016, worked in the agency's Engineering Development Group and was responsible for crafting code used to break into computers, smartphones and other devices owned by terrorists and other targets.

The code archive was obtained by WikiLeaks and subsequently made public as the "Vault 7" release in March 2017. Attack vectors unmasked as part of the leak ranged from iOS exploits, both physical and remote, to malware impacting Windows and Android. The latter turned smart TVs into eavesdropping devices.

Apple responded to the WikiLeaks dump in short order, saying "many" of the iOS vulnerabilities had been patched in previous software updates.

In July, a subsequent Vault 7 data dump detailed workable exploits targeting hardware running Mac OS X 10.6 Snow Leopard and OS X 10.7 Lion.

The Federal Bureau of Investigation conducted a search of Schulte's New York City apartment a week after the March WikiLeaks revelation, but found no evidence of wrongdoing. Schulte was charged last August with possession of child pornography after investigators discovered illegal content on a server he created in 2009 while a student at the University of Texas, reports The New York Times.

He pleaded not guilty, saying up to 100 people had access to the server, and was released in September under the condition that he not leave New York City or engage in computer-related activities. In December, Schulte landed back in jail after breaching those guidelines.

In a statement obtained by The Post, Schulte claims he reported "incompetent management and bureaucracy" to the CIA's inspector general and a congressional oversight committee, a move he believes cast him in a bad light. Prior to the FBI search last year, Schulte said he was planning a vacation in Cancun, Mexico, with his brother, potentially giving the appearance that he was about to flee the country.

"Due to these unfortunate coincidences the FBI ultimately made the snap judgment that I was guilty of the leaks and targeted me," Schulte said.