The Department of Justice says that Kramer then contacted Van Andel, posing as a Russian hacktivist group called "NullBulge," warning that his personal information and Disney's stolen Slack data would be published if he didn't cooperate. "By accessing M.V.'s Disney Slack account, defendant gained access to non-public Disney Slack channels, and in or around May 2024, defendant downloaded approximately 1.1 terabytes of confidential data from thousands of Disney Slack channels," reads a plea agreement seen by BleepingComputer. After receiving no response, NullBulge posted a message on the BreachForums hacking forum on July 12, 2024, titled "DISNEY INTERNAL SLACK," where he claimed to have breached Disney and leaked the 1.1TB of stolen data, including Van Andel's personal info. Using Van Andel's stolen credentials, Kramer gained access to Disney's Slack channels, where he downloaded 1.1TB of corporate data. A California man who used the alias "NullBulge" has pleaded guilty to illegally accessing Disney's internal Slack channels and stealing over 1.1 terabytes of internal company data. However, the DOJ says this program was actually malware that allowed Kramer to access the computer of those who installed it to steal data and passwords from the device. According to the Wall Street Journal, one of the people who downloaded the program was a Disney employee, Matthew Van Andel, who executed it on his computer. According to the U.S. Department of Justice, a 25-year-old named Ryan Kramer created a malicious program in early 2024 that was promoted as an AI image generation tool on GitHub and other platforms.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 01 May 2025 23:15:07 +0000