The Ashley Madison hack made headlines across the world and exposed the private information of upwards of 33 million users. Some of the individuals discovered to have signed up for an Ashley Madison account include politicians, religious figures, and according to some outlets, a high-profile athlete or two. Sadly, the fallout from the hack has reportedly resulted in two suicides as well.
And now we might know who was behind it.
DON’T MISS: The secret way to land a job at Google
While the ostensible group behind the hack went by the name “Impact Team”, security researcher Brian Krebs is alleging that the individual truly responsible for the headline generating hack may be a Twitter user named Thadeus Zu (@deuszu).
Krebs writes that @deuszu on July 20 tweeted a link to an online repository of Ashley Madison website source code that had “been confidentially shared with me by the Impact Team via the contact form on my site just hours earlier.”
A few weeks later, Krebs was watching a press conference on the hack held by the Toronto Police. There, police revealed that Ashley Madison employees first became aware of the hack on the morning of July 12 when, upon coming into work, they noticed that all of their computers contained a warning message from the Impact Team accompanied by the AC/DC song “Thunderstruck.”
And here’s were things get interesting.
Following the press conference, Krebs went and downloaded Zu’s entire Twitter history.
Zu’s early years on Twitter are a catalog of simple hacks — commandeering unsecured routers, wireless cameras and printers — as well as many, many Web site defacements.
On the defacement front, Zu focused heavily on government Web sites in Asia, Europe and the United States, and in several cases even taunted his targets. On Aug. 4, 2012, he tweeted to KPN-CERT, a computer security incident response team in the Netherlands, to alert the group that he’d hacked their site. “Next time, it will be Thunderstruck. #ACDC” Zu wrote.
Indeed, Krebs found other instances where Zu, prior to compromising a website, would leave some sort of reference to AC/DC.
Right around the time when the Ashley Madison hack went publick, Krebs discovered that Zu, on July 19, began tweeting to a few people about setting up “replication servers” to “get the show started.”
On his website, Krebs shared the following screenshot of one of Zu’s tweets. If you look closely, you can see that one of the opened tabs is a YouTube video of AC/DC’s “Thunderstruck”.
Make sure to hit the source link below for the full rundown on why Krebs believes Zu is either the man responsible for the hack or, at the very least, that he knows who is.
For what it’s worth, Zu has since been made aware of Krebs’ claims and is clearly not one to back down from what he clearly perceives to be false allegations, as evidenced by some of his recent tweets.