- 783
- 211
Last summer, someone posing as a Russian hacktivist group published a 1.1 TB dump of files and messages from the Walt Disney Company’s internal Slack channels. It has now been revealed that a 25-year-old American citizen was behind the attack and the theft of data.
The U.S. Department of Justice announced that Ryan Kramer, 25, who goes by the online handle NullBulge, pleaded guilty to illegally accessing Disney’s internal Slack channels and stealing more than 1.1 TB of the company’s internal data.
According to law enforcement, Kramer created malware in early 2024 and posted it to GitHub and other platforms, advertising it as a tool for generating images using AI. In reality, the malware allowed Kramer to access the computers of those who installed it and steal passwords and other data from their devices.
According to the Wall Street Journal , one of the people who downloaded the malware was Disney employee Matthew Van Andel, who ran the malware on his personal computer. This allowed Kramer to gain access to the device, including passwords stored in the 1Password password manager.
Using the stolen credentials, the attacker gained access to Disney Slack channels, from which he downloaded 1.1 TB of corporate data.
The Justice Department notes that Kramer contacted Van Andel on Discord and by email, posing as a representative of the Russian hacktivist group NullBulge. The hacker tried to blackmail the victim, claiming that his personal information and the data stolen from Disney would be published in the public domain if he refused to cooperate.
When there was no response, on July 12, 2024, NullBulge posted on BreachForums under the title “DISNEY INTERNAL SLACK,” claiming to have hacked Disney and stolen 1.1 TB of data, including Van Andel’s personal information. At the time, Kramer wrote that the leak contained messages and files from 10,000 internal Slack channels, and that the dump contained information about unreleased Disney projects, source code, credentials, and links to internal APIs and web pages. Kramer has now pleaded guilty to charges of unauthorized access to a computer and obtaining information, as well as a charge of threatening to damage a protected computer. Each charge carries a maximum sentence of five years in prison. NullBulge also admitted to law enforcement that two other people had downloaded his malware and that he had gained access to their computers. The FBI is currently investigating, and the names of the victims have not been released. Let us recall that after this incident, the Walt Disney Company made a decision
The U.S. Department of Justice announced that Ryan Kramer, 25, who goes by the online handle NullBulge, pleaded guilty to illegally accessing Disney’s internal Slack channels and stealing more than 1.1 TB of the company’s internal data.
According to law enforcement, Kramer created malware in early 2024 and posted it to GitHub and other platforms, advertising it as a tool for generating images using AI. In reality, the malware allowed Kramer to access the computers of those who installed it and steal passwords and other data from their devices.
According to the Wall Street Journal , one of the people who downloaded the malware was Disney employee Matthew Van Andel, who ran the malware on his personal computer. This allowed Kramer to gain access to the device, including passwords stored in the 1Password password manager.
Using the stolen credentials, the attacker gained access to Disney Slack channels, from which he downloaded 1.1 TB of corporate data.
The Justice Department notes that Kramer contacted Van Andel on Discord and by email, posing as a representative of the Russian hacktivist group NullBulge. The hacker tried to blackmail the victim, claiming that his personal information and the data stolen from Disney would be published in the public domain if he refused to cooperate.
When there was no response, on July 12, 2024, NullBulge posted on BreachForums under the title “DISNEY INTERNAL SLACK,” claiming to have hacked Disney and stolen 1.1 TB of data, including Van Andel’s personal information. At the time, Kramer wrote that the leak contained messages and files from 10,000 internal Slack channels, and that the dump contained information about unreleased Disney projects, source code, credentials, and links to internal APIs and web pages. Kramer has now pleaded guilty to charges of unauthorized access to a computer and obtaining information, as well as a charge of threatening to damage a protected computer. Each charge carries a maximum sentence of five years in prison. NullBulge also admitted to law enforcement that two other people had downloaded his malware and that he had gained access to their computers. The FBI is currently investigating, and the names of the victims have not been released. Let us recall that after this incident, the Walt Disney Company made a decision