CyberSecurity news
Lawrence Abrams@BleepingComputer
Ryan Kramer, a 25-year-old from California, has pleaded guilty to two criminal charges related to a significant data breach at Disney. Kramer, operating under the alias "NullBulge," admitted to illegally accessing Disney's internal Slack channels and stealing over 1.1 terabytes of confidential data. The stolen data included internal communications, sensitive information, images, source code, and credentials. The breach impacted over 10,000 Slack channels, and Disney switched from Slack to Microsoft Teams following the incident.
Kramer distributed a malicious program, disguised as an AI-powered image generation tool, on platforms like GitHub. The program contained a backdoor that allowed him to access the computers of those who downloaded and executed it. According to prosecutors, a Disney employee fell victim to this poisoned project between April and May of 2024, inadvertently granting Kramer access to their network and online credentials. This initial breach then allowed Kramer to move laterally within Disney's systems, compromising various platforms and confidential data storage areas.
Armed with the stolen data, Kramer, falsely claiming affiliation with the Russian hacking group NullBulge, attempted to extort the victim. When the victim did not respond, Kramer proceeded to release their personal information, including bank, medical, and other sensitive details, across multiple platforms. While Kramer awaits sentencing, he faces a maximum of five years in federal prison for each felony count of accessing a computer to obtain information and threatening to damage a protected computer. The FBI is also investigating the extent to which data from at least two other victims who downloaded Kramer's malicious GitHub project may have been compromised.
Classification:
- HashTags: #databreach #insiderthreat #Slack
- Company: Disney
- Target: Disney
- Product: Slack
- Feature: Data Theft
- Malware: AI Disguised Malware
- Type: DataBreach
- Severity: Major