This article (http://www.businessweek.com/articles/2013-02-14/a-chinese-hackers-identity-unmasked#p1) describes the unearth of some details of a Chinese hacker who has spread malware to take over machines, which in turn would send information to servers this hack owns.
Case in point: a hacker also a real life. In the malware, the hacker uses his "pen names". But the email associated with the domain registration information for the servers he owns gave clue to researcher where to look further. Then researchers were able to find the email being used to register a company, and post in public forums about the car he owns.
It looks like in real life he is a teacher at the PLA Information Engineering University in Zhengzhou, Henan Province.