A 25-year-old California man, Ryan Kramer, has pleaded guilty to infiltrating Disneys internal communications and stealing over 1.1 terabytes of confidential data by deploying malware disguised as an AI image generation tool, BleepingComputer reports.
The U.S. Department of Justice revealed that Kramer, using the alias NullBulge, tricked GitHub users into downloading his malware, which enabled him to extract sensitive credentials. One such victim, Disney employee Matthew Van Andel, inadvertently gave Kramer access to his work computer, leading to a breach of Disneys private Slack channels. Posing as a Russian hacktivist group, Kramer threatened to publish stolen data unless Van Andel cooperated. When Van Andel failed to respond, the data, including personal information and unreleased Disney projects, was posted on the BreachForums hacking site. Kramer faces up to 10 years in prison for charges including unauthorized access and computer threats. Authorities also confirmed he infected at least two other individuals, and further investigations are underway.
The U.S. Department of Justice revealed that Kramer, using the alias NullBulge, tricked GitHub users into downloading his malware, which enabled him to extract sensitive credentials. One such victim, Disney employee Matthew Van Andel, inadvertently gave Kramer access to his work computer, leading to a breach of Disneys private Slack channels. Posing as a Russian hacktivist group, Kramer threatened to publish stolen data unless Van Andel cooperated. When Van Andel failed to respond, the data, including personal information and unreleased Disney projects, was posted on the BreachForums hacking site. Kramer faces up to 10 years in prison for charges including unauthorized access and computer threats. Authorities also confirmed he infected at least two other individuals, and further investigations are underway.
