A hacker operating under the alias "NullBulge" has confessed to infiltrating Disney's internal Slack channels, extracting over 1.1 terabytes of sensitive data. This breach highlights significant cybersecurity vulnerabilities within corporate communication platforms.

Malware Disguised as AI Tool

Ryan Kramer, a 25-year-old from California, developed a malicious program in early 2024, masquerading as an AI image generation tool on platforms like GitHub. This software was, in fact, malware designed to compromise the devices of those who downloaded it, enabling unauthorized data and password extraction.

Exploiting Employee Credentials

A Disney employee, Matthew Van Andel, unknowingly facilitated the breach by executing the malware on his computer. This allowed Kramer to access Van Andel's credentials stored in his password manager, granting him entry to Disney's Slack channels and the ability to download a vast amount of corporate data.

Threats and Data Exposure

After obtaining the data, Kramer posed as a Russian hacktivist group, threatening to release both Van Andel's personal information and Disney's data unless demands were met. When no response was received, the stolen data was posted on the BreachForums hacking forum in July 2024.

  • 1.1TB of data leaked
  • Access to nearly 10,000 channels
  • Included unreleased projects and internal information

Kramer has pleaded guilty to charges of unauthorized computer access and making threats to damage a protected computer, each carrying a potential five-year federal prison sentence. The FBI is also investigating additional individuals who downloaded the malware.

His initial court appearance in Los Angeles is anticipated soon, as authorities continue to probe the extent of the breach.

The link has been copied!