Leave a comment

Did this guy hack Ashley Madison?

Did this guy hack Ashley Madison?
photo courtesy of shutterstock

This is a fascinating whodunit mystery that started with one of the clues left by the Ashley Madison hackers. Did you know that when Ashley Madison was hacked, every employee's computer was triggered to play the song "Thunderstruck" by AC/DC?

Brian Krebs, one of the premier computer security researchers and reporters in the country, broke the news on July 20 that Ashley Madison had been hacked. He'd been sent a link to the source code for Ashley Madison by the Impact Team, the mysterious hackers, via his website's contact form. Just hours later, a Twitter user named Thadeus Zu tweeted a link to the same source code.

Here's where AC/DC comes in. When Toronto police had a press conference recently about the hack, they revealed the "Thunderstruck" detail. Krebs then combed through five years of Zu's tweets, and found that in bragging about two hacks, one in the Netherlands and one of the Australian Parliament's website, he'd mentioned AC/DC and "Thunderstruck."

That could be mere coincidence, since both of those tweets were from 2012. But Krebs kept digging.

Krebs next looked at Zu's tweets from July 19, the day Krebs was notified of the hack by the Impact Team. He'd gotten the tip at night, but in the morning, Zu seemed to be gearing up for something big. Check out Zu's tweet from 9:40 that morning:

@deuszu says: "Settle down, amigo. We are setting up a replication server so we can get that show started."

The mentions of a "replication server" and getting "that show started" seem slightly ominous on their own, but look closely at the other tabs he has open in the screenshot. That's right, he has AC/DC's "Thunderstruck" open in YouTube.

Fast-forward to last week, when the Impact Team dumped the data it had hacked from Ashley Madison, along with a note announcing the release titled "Time's Up." Krebs checked Zu's Twitter account from that time period and found Zu had tweeted the "Time's Up" note more than 24 hours before tech media powerhouses like Wired and ArsTechnica were on to the story. Here's his tweet:

"Time's Up."

Krebs attempted to contact Zu before writing about his investigation on his blog, Krebs on Security. But no luck. He was also unsuccessful trying to suss out Zu's identity, or even his geographic location.

Krebs speculated, "It is possible that Zu is instead a white hat security researcher or confidential informant who has infiltrated the Impact Team," but he concluded, "If Zu wasn't involved in the hack, he almost certainly knows who was." That, apparently, caught Zu's attention.

"Bring on it on @briankrebs"

Zu continued to tweet about the topic.

"I have NO contact with Impact Team and I am NOT the ' Ashley Madison ' hacker."

Krebs has been the go-to computer security researcher for the Ashley Madison story (even the Impact Team went to him first), so we'll be curious to see how the Thadeus Zu story develops. Check back often to our Happening Now page for the latest hacking and security news.

Next Story
View Comments ()
This weird 'MouthLab' is like a check engine light for humans
Previous Happening Now

This weird 'MouthLab' is like a check engine light for humans

This Facebook funeral scam will make your blood boil
Next Happening Now

This Facebook funeral scam will make your blood boil