tp2503
08-28-2015, 04:02 PM
CBC News
A love of AC/DC may have inadvertently outed the identity of someone associated with recently hacked AshleyMadison.com, an influential IT journalist and consultant suggests.
In a blog post, Brian Krebs says he noticed that a Twitter account recently posted a link to Ashley Madison's stolen proprietary source code before it was made public. (Krebs is the reporter who first uncovered the Ashley Madison hack, the Home Depot credit card hack and many others.)
Intrigued by the poster's apparent access, he examined the account's posting history and noticed a predilection for the music of Australian hard rock band AC/DC, but thought little else of it at the time.
It wasn't until last week's Toronto police news conference mentioned an intriguing nugget about their investigation into the hack that Krebs was reminded of the account. The police say the company became aware of the attack when employees came into work one morning and all of their computers saw a threatening message from the Impact Team, as the hacker group claiming responsibility for the attack calls itself.
That message was accompanied by AC/DC song Thunderstruck.
While examining the account's posting history, Krebs noticed the Twitter account of Thadeus Zu (@deuszu) had posted details of various low-level hacks it had accomplished over the years, for example, remotely taking over items like web cameras, wireless routers and printers.
"On Aug. 4, 2012," Krebs wrote, "he tweeted to KPN-CERT, a computer security incident response team in the Netherlands, to alert the group that he'd hacked their site."
That alert came with the following AC/DC-related message
https://twitter.com/deuszu/status/231832729577193472/photo/1?ref_src=twsrc%5Etfw
One day earlier, he hacked into the website for Australia's parliament.
In the alert, Zu taunted lawmakers with another AC/DC reference:
https://twitter.com/ReciteNews/status/636835613744852992
The final piece, Krebs says, was that in the hours before the hack became public, Zu tweeted about a forthcoming hack.
A screengrab of that Tweet shows 'Thunderstruck' playing in another tab of Zu's browser
https://twitter.com/deuszu/status/622763065746915329/photo/1?ref_src=twsrc%5Etfw
In a series of tweets, Zu appears to deny that the account was behind the Ashley Madison hack, and indeed makes several suggestions that the account itself isn't even run by one person, but is instead an amalgam of like-minded digital vigilantes.
And ultimately, Krebs himself is not entirely convinced that he has uncovered someone involved in the hack. "All of this could be just one big joke by Zu and his buddies," Krebs wrote. "But one thing is clear: If Zu wasn't involved in the hack, he almost certainly knows who was."
Zu did not immediately reply to a request for comment from CBC News.
A love of AC/DC may have inadvertently outed the identity of someone associated with recently hacked AshleyMadison.com, an influential IT journalist and consultant suggests.
In a blog post, Brian Krebs says he noticed that a Twitter account recently posted a link to Ashley Madison's stolen proprietary source code before it was made public. (Krebs is the reporter who first uncovered the Ashley Madison hack, the Home Depot credit card hack and many others.)
Intrigued by the poster's apparent access, he examined the account's posting history and noticed a predilection for the music of Australian hard rock band AC/DC, but thought little else of it at the time.
It wasn't until last week's Toronto police news conference mentioned an intriguing nugget about their investigation into the hack that Krebs was reminded of the account. The police say the company became aware of the attack when employees came into work one morning and all of their computers saw a threatening message from the Impact Team, as the hacker group claiming responsibility for the attack calls itself.
That message was accompanied by AC/DC song Thunderstruck.
While examining the account's posting history, Krebs noticed the Twitter account of Thadeus Zu (@deuszu) had posted details of various low-level hacks it had accomplished over the years, for example, remotely taking over items like web cameras, wireless routers and printers.
"On Aug. 4, 2012," Krebs wrote, "he tweeted to KPN-CERT, a computer security incident response team in the Netherlands, to alert the group that he'd hacked their site."
That alert came with the following AC/DC-related message
https://twitter.com/deuszu/status/231832729577193472/photo/1?ref_src=twsrc%5Etfw
One day earlier, he hacked into the website for Australia's parliament.
In the alert, Zu taunted lawmakers with another AC/DC reference:
https://twitter.com/ReciteNews/status/636835613744852992
The final piece, Krebs says, was that in the hours before the hack became public, Zu tweeted about a forthcoming hack.
A screengrab of that Tweet shows 'Thunderstruck' playing in another tab of Zu's browser
https://twitter.com/deuszu/status/622763065746915329/photo/1?ref_src=twsrc%5Etfw
In a series of tweets, Zu appears to deny that the account was behind the Ashley Madison hack, and indeed makes several suggestions that the account itself isn't even run by one person, but is instead an amalgam of like-minded digital vigilantes.
And ultimately, Krebs himself is not entirely convinced that he has uncovered someone involved in the hack. "All of this could be just one big joke by Zu and his buddies," Krebs wrote. "But one thing is clear: If Zu wasn't involved in the hack, he almost certainly knows who was."
Zu did not immediately reply to a request for comment from CBC News.