The suspect is the CIA's own former engineer, accused of handing the Vault 7 series of documents to WikiLeaks.
The United States government has reportedly identified the suspect who allegedly stole a trove of data belonging to the Central Intelligence Agency (CIA) detailing its hacking tools and secret cyber-espionage campaigns targeting governments, unsuspecting users and businesses around the world.
The suspect has been identified as 29-year-old former CIA software engineer Joshua A. Schulte. Authorities believe that Schulte not only stole the data but also handed it over to WikiLeaks, the whistleblowing organization founded by Julian Assange.
The hacking tools in question were published by WikiLeaks on its website under the name Vault 7. The release contained a trove of around 8,000 documents and 943 attachments showing how the CIA developed tools to compromise its targets' devices and turn them into spying devices.
The list of CIA targets included Windows, Linux and Mac computers, air-gapped PCs, security cameras, smart TVs, web browsers, iPhones and Android smartphones, webcams, headphones, microphones, notepads, video players, trucks and other Internet-connected devices. WikiLeaks claimed the documents exposed "the entire hacking capacity of the CIA."
The suspect is a former CIA engineer
Joshua A. Schulte is no stranger to the CIA: he worked in the agency's Engineering Development Group, which developed malware and other hacking tools for the CIA's Center for Cyber Intelligence. In November 2016 Schulte left the agency and started working for a private software firm in New York.
In March 2017, just a week after WikiLeaks started publishing the Vault 7 documents, Schulte's apartment in New York was raided by the Federal Bureau of Investigation (FBI). Although Schulte was not charged at the time, the agents seized his personal computer, handwritten notes, notebooks and passports, which barred him from a planned vacation in Mexico.
In a court statement in January, Assistant U.S. Attorney Matthew Laroche said that Schulte used the Tor browser to transfer classified information, but he did not present any evidence for the claim. Tor Browser routes a user's traffic through the Tor network, hiding the user's real IP address from the sites they visit; it is available for desktop operating systems and Android.
Schulte charged with possessing child pornography
In August 2017, while Schulte was expected to be charged with Vault 7-related offenses, he was instead charged with possessing child pornography after FBI agents found more than 10,000 explicit images on a web server he had run in 2009 during his college days at the University of Texas at Austin.
Reportedly, the server was accessed by around 100 people who shared, uploaded and downloaded child abuse material. Schulte is currently held at the Metropolitan Correctional Center in Manhattan.
Schulte's lawyers have had enough
Meanwhile, Schulte's lawyers are asking prosecutors to come to a final decision on charges related to the Vault 7 leak.
“This case has been dragging since August 2017,” said Schulte’s lawyer Sabrina P. Shroff. “The government should be required to indict so Mr. Schulte has the opportunity to defend himself. Otherwise, he is just languishing.”
WikiLeaks and Vault 7
When WikiLeaks started publishing the Vault 7 documents there was doubt over whether they were authentic. Edward Snowden and the Wall Street Journal vouched for their authenticity, and the fact that the US government is investigating one of its own agency's former engineers over the leak further indicates that the Vault 7 series was authentic and described the CIA's hacking tools in depth.
List of leaked Vault 7 documents
BothanSpy and Gyrfalcon: Steal SSH credentials from Windows and Linux devices
OutlawCountry and Elsa: Malware targeting Linux devices and tracking user geolocation
Brutal Kangaroo: CIA hacking tools for attacking air-gapped PCs
CherryBlossom and CherryBomb: Infecting WiFi routers for years
Pandemic: Malware targeting Windows devices
AfterMidnight and Assassin: CIA remote-control and subversion malware for Windows
Dark Matter: A CIA project infecting Apple Mac firmware, iPhones and MacBooks
Athena: Malware targeting the Windows operating system
Archimedes: A program helping the CIA hack computers inside a local area network
HIVE: CIA implant infrastructure used to transfer exfiltrated information from target machines
Grasshopper: Malware payloads for Microsoft Windows operating systems
Marble: An obfuscation framework used to hamper antivirus companies' attribution of malware
Highrise: Android malware that spies on SMS messages
Aeris, Achilles, SeaPea: Three CIA-developed malware tools targeting Linux and macOS
Dumbo: A CIA project hijacking webcams and microphones on Windows devices
CouchPotato: A tool that remotely collects video streams from Windows devices
ExpressLane: An implant with which the CIA collected biometric data from partner agencies