Breach, Data Security

After online report, Twitter user denies involvement in Ashley Madison hack


On the heels of security pro John McAfee saying Monday that a lone female insider was responsible for the Ashley Madison breach, independent, investigative journalist Brian Krebs reported that a Twitter user known as Thadeus Zu (@deuszu) may be connected to the incident.

Krebs said Zu came on his radar on July 20 after Zu posted a link to the same cache of data – Ashley Madison's source code – that Impact Team, the group taking responsibility for the breach, sent the journalist earlier that day.

With some digging, Krebs said he found other connections that include Zu's prior use of AC/DC tune “Thunderstruck,” a song that was said to be playing on employee computers at Avid Life – Ashley Madison's parent company – on the day the company first identified the breach.

Additionally, Krebs noted that Zu posted a link to Impact Team's “Time's Up!” post more than a day before any major news outlet reported on it.

In his report, Krebs suggested Zu could be a white hat researcher or confidential informant that infiltrated Impact Team, and he never blatantly accused Zu of attacking Ashley Madison. However, Krebs did write that “one thing is clear: If Zu wasn't involved in the hack, he almost certainly knows who was.”

The report prompted a discussion on Twitter, with some individuals attempting to prove or disprove Zu's involvement. Soon the person behind the @deuszu account responded, and eventually Zu and Krebs started having a back-and-forth via public tweets.

“I have NO contact with Impact Team and I am NOT the 'Ashley Madison' hacker,” a tweet from the @deuszu account said.

Avid Life has put a reward of up to $500,000 (Canadian) for anyone who provides information leading to the arrest of those involved in the Ashley Madison breach.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.