AC/DC tweets raise suspicions about Ashley Madison hacker's identity

A love of AC/DC may have inadvertently outed the identity of someone associated with recently hacked AshleyMadison.com, an influential IT journalist and consultant suggests.

In a blogpost, Brian Krebssays he noticed that a Twitter account recentlyposted a link to Ashley Madison's stolen proprietary source code before it was made public.(Krebs is the reporter who first uncovered the Ashley Madison hack, the Home Depot credit card hack and many others.)

Intrigued by the poster's apparent access, he examined the account's posting history and noticed a predilection for the music of Australian hard rock band AC/DC, but thought little else of it at the time.

It wasn't until last week's Toronto police news conference mentioned an intriguing nugget about their investigation into the hack that Krebs was reminded of the account. The police say the company became aware of the attack when employees came into work one morning and all of their computers saw a threatening message from the Impact Team, as the hacker group claiming responsibility for the attack calls itself.

That message was accompanied by AC/DCsong Thunderstruck.

While examiningthe account's posting history,Krebs noticedthe Twitter account of ThadeusZu (@deuszu) had posted details of various low-level hacks it hadaccomplished over the years, for example, remotely taking over itemslikeweb cameras, wireless routers and printers.

"On Aug. 4, 2012," Krebswrote,"he tweeted to KPN-CERT, a computer security incident response team in the Netherlands, to alert the group that he'd hacked their site."

One day earlier, he hacked into the website for Australia's parliament.

The final piece, Krebs says, was that in the hours before the hack became public, Zu tweeted about a forthcoming hack.

In a series of tweets, Zu appears to deny that the account was behind the AshleyMadison hack, and indeed makes several suggestions that the account itself isn't even run by one person, but is instead an amalgam of like-minded digital vigilantes.

And ultimately, Krebs himselfis not entirely convincedthat he has uncovered someone involved in the hack."All of this could be just one big joke by Zu and his buddies," Krebs wrote."But one thing is clear: If Zu wasn't involved in the hack, he almost certainly knows who was."

Zu did not immediately reply to a request for comment from CBC News.