Tweets about AC/DC establish Ashley Madison hack suspect

The online dating site for married people was recently targeted by a hack leaking sensitive data on its users

The hacker behind the recent Ashley Madison leak may have been incriminated by tweets about AC/DC.

A few days ago, a press conference held by Toronto police revealed that employees of the website first learned of the security breach when they logged into their computers on the July 12 were greeted by a strange message soundtracked by AC/DC’s ‘Thunderstruck.’

It seems that this specific detail might actually be a crucial clue to the hacker’s identity. As The Washington Post reports, security blogger Brian Krebs noticed that a Twitter user called Thadeus Zu (@deuszu) had posted a link to Ashley Madison’s stolen proprietary source code before it was made public.

Krebs then downloaded five years’ worth of tweets from the same account, and upon looking through them, found boasts of simple hacks and website defacements along with references to ‘Thunderstruck’.

One example of this was a tweet that Zu had sent to Dutch computer security response team KPCN-CERT after he had hacked them, saying: “CERT Nederlands I KPN Blacklist Next time, it will be Thunderstruck. #ACDC #schoolboyriff #hackaday.”

On the morning of July 19, about 12 hours before someone calling themselves the Impact Team sent Krebs word of the Ashley Madison hacking, Zu tweeted saying: “Settle down, amigo. We are setting up a replication server so we can get that show started.” The screenshot included a browser tab opened on AC/DC’s ‘Thunderstruck’ on YouTube.

Thadeus Zu’s identity remains unclear and it has not been confirmed that the individual is directly involved in the hack.