Could This Be the Ashley Madison Hacker?
A Twitter user sure seems privy to lots of inside information
By John Johnson,  Newser Staff
Posted Aug 27, 2015 8:05 AM CDT
Toronto Police Service Superintendent Bryce Evans speaks to the media regarding the hack earlier this week.   (Melissa Renwick/Toronto Star, The Canadian Press via AP)

(Newser) – As the Ashley Madison fallout continues, the first real lead into who pulled off the hack seems to have emerged. Respected security blogger Brian Krebs points to a Twitter user named Thadeus Zu, whose handle is @deuszu. Among the clues: Zu tweeted a link to the Ashley Madison source code hours before it was made public. That's what made Krebs suspicious in the first place—and prompted him to download five years' worth of Zu's tweets. He found that Zu has boasted of hacks previously, using the same AC/DC song ("Thunderstruck") to gloat as the Ashley Madison hacker. In a July 19 tweet from Zu about "getting the show started," he includes a screenshot, and Krebs notices that one of the tabs in his browser has the YouTube video of "Thunderstruck" playing.

"Thadeus Zu—whoever and wherever he is in real life—may not have been directly involved in the Ashley Madison hack," writes Krebs. "But one thing is clear: If Zu wasn't involved in the hack, he almost certainly knows who was." Though Zu uses a Hawaii time zone, Krebs suspects he's in Australia. The New York Times says this "may be the closest lead to date," and Toronto police (the lead investigators of the hack) have taken notice of Krebs' work. Zu's reaction? "All I can state is that Krebs has got a lot to prove when ti [sic] comes to supplying valid and admissible evidence and proof," he tweets, adding the threat of a lawsuit. (It turns out it appears there were virtually no actual women on the Ashley Madison site.)