Analysis

John McAfee: Ashley Madison hack was 'lone female employee'

Antivirus tycoon points to evocative language and "sources within the Dark Web"

A woman working for the parent company of Ashley Madison was responsible for last month's hackthat resulted in the leak of 33 million customer details online, according to veteran cybersecurity figure John McAfee.

Writing for International Business Times, McAfee yesterday claimed that the leak was engineered by "a woman operating on her own who worked for Avid Life Media", which owns the infidelity dating site, rather thanbeing the work of external actors,.

He claimed the Impact Team hacking group that has claimed responsibility for the attack is a fabrication, citing "reliable sources within the Dark Web". His primary reasoning is that, unlike hacker collectives Lizard Squad and Lulzsec, Impact Team has not been linked to any prior breaches.

Instead, he alleged that a single insider was responsible, writing: "From the data that was released, it was clear that the perpetrator had intimate knowledge of the technology stack of the company (all the programs being used).

Advertisement
Advertisement - Article continues below

"For example, the data contains actual MySQL database dumps. This is not just someone copying a table and making into a .csv file. Hackers rarely have full knowledge of the technology stack of a target."

He added that information he provided to IBTimes which is to be "referenced and then destroyed" proves this.

McAfee supposedly deduced the gender of the mole through evocative statements attached to the initial breach.

"The most telling was a statement calling men 'scumbags'," he said. "In a separate section, the perpetrator describes men as cheating dirtbags. I think in any language this would suggest that a woman is speaking."

The controversial cybersecurity expert pointed to sensitive details exposed in the leak to claim it was an inside job.

"The personnel work scheduling for equipment maintenance will normally exist only on the workstation of the maintenance manager", McAfee wrote.

"Likewise, the data for options for stock shares in a company, an extremely private set of data, will exist only in a private file on the workstation of the VP of Finance, or the CEO."

McAfee believes that the sheer amount of information, most of it kept in separate directories, is evidence of an internal actor, and states that "only someone on the inside, who could easily gain all of the files through deception and guile, could have done the job."

However, independent computer analystGraham Cluley, was less than convinced about McAfee's conclusions.

He told IT Pro:"Once again, John McAfee is doing a great job of drawing attention to himself. If he has any genuine evidence then he should pass it over to the police."

Advertisement
Advertisement - Article continues below

"I suspect they have enough serious leads to explore already without every amateur Miss Marple spouting off with their own theories," he added.

Mark James, IT security specialist at ESET, was more charitably disposed towards the idea, saying: "The claims are quite feasible because often in the case of large data breaches there is indeed help from the inside.It's the easiest way to get malware onto the internal systems or data extracted from the servers."

But malware intelligence analyst at MalwareBytes, Chris Boyd, suggested that hackers may have purposefully misled experts to disguise their identities.

"While McAfee's claims of insider activity are interesting, it's not a huge leap to think that anybody wanting to false flag themselves out of the equation would simply attempt to come off sounding like something they're not," he said.

"It might be a woman - or it might be a man going out of their way to throw people off the scent. I don't think it really matters either way - man or woman, the data is out there, and the damage is done."

The 10GB data dump released on the dark web last week has already caused casualties, with Toronto police claiming two people have committed suicide as a result, while others have been blackmailed by cybercriminals.

Lawsuits have also emerged, with a Californian man suing Avid Life Media for negligence.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/security/ddos/28039/how-to-protect-against-a-ddos-attack
Security

How to protect against a DDoS attack

25 Oct 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far/page/0/1
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/mobile-phones/354222/samsung-sails-past-apples-market-share-despite-smartphone-market-slump
Mobile Phones

Samsung sails past Apple's market share despite smartphone market slump

28 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019