Is this the Ashley Madison hacker?
Published 27/08/2015 | 13:40
Millions of email addresses have been released, reputations damaged and lawsuits filed, but we are still no closer to discovering who the mysterious "Impact Team" behind the Ashley Madison hack are.
However, a series of clues point to a Twitter account that may unmask the hacker (or hackers), according to Brian Krebs, the security researcher who first uncovered last week's release of gigabytes of sensitive data and news of the hack last month.
Krebs has pointed the finger at @deuszu, who has been relentlessly tweeting about the Ashley Madison hack in recent days. He says a series of clues, including tweets posted before the hack became public last month, suggest that if the individual is not behind the attack, they are unusually tuned into events.
One potential clue is that the account allegedly posted a link to Ashley Madison source code shortly after Krebs first uncovered the hack, and before any news organisation had picked up the information. Krebs says he had not shared the link to the source code, which he says had been sent confidentially by Impact Team, so it is unclear how the individual would have gained access to it.
Krebs said a further clue emerged last week, when Canadian police revealed how Ashley Madison first staff learned about the hack. Toronto officers said that employees had come into Ashley Madison's offices to find a message from Impact Team, accompanied by AC/DC's rock anthem "Thunderstruck", when they turned on their computers.
As well as several references to AC/DC before the hack emerged (@deuszu subsequently changed its profile picture to the AC/DC logo), a screenshot tweeted just before the hack became public in July showed that the user was listening to the song on YouTube.
The account tweets relentlessly about the Ashley Madison hack. While this might not be unusual given the level of interest in the subject, it has a long history of tweeting about hacking issues.
Is it the hacker?
The Twitter account itself has heavily criticised Krebs' investigation following the security researcher's blogpost. Deuszu claims to unpick many of his claims, saying that he found the source code on Krebs' website for example.
On Twitter, Toronto police acknowledged the suggestions.
Separately, it has emerged that Ashley Madison was even more male-heavy than the original hack suggested, with a huge proportion of the registered female users apparently inactive.
While there were 5.5 million women in the Ashley Madison database against 31 million men, it appears that an overwhelming proportion of these female users were fake. When Gizmodo analysed usage data, however, it found that just a fraction of the registered female users actually logged on.
20.2 million male Ashley Madison users would check their messages - two thirds of its registered users. However, just 1,492 female users - or 0.03 per cent of registered users - did so.