A California person who used the surname “Nalbulaj” has blamed Disney’s internal dull channels and blames for illegally accessing the internal company’s data.
According to the US Department of Justice, a 25 -year -old man from Ryan Kremer created a malicious program in early 2024, promoted as the AI image generation tool on GITHUB and other platforms.
However, DOJ states that the program was actually malware that allowed Cramer to reach the computer of those who installed it to steal data and passwords from the device.
As Wall Street JournalOne of the people downloading the program was Disney Employees, Matthew Van Endel, who executed it on his computer. It provided Kremer access to his device, including a password stored in his 1password password manager.
Using the theft credibility of the van End, Kremer gained access to Disney’s slack channels, where he downloaded 1.1TB corporate data.
“By reaching MV’s Disney Slack account, the defendant reached the non-public Disney Slack channels, and around May 2024, the defendant downloaded about 1.1 terabytes of confidential data from thousands of disney slack channels,” It is said in a petition agreement viewed by Blapping Dunkmutor.
Justice department says The Cramer then approached the van End, in which a Russian hecticist group called “Nalbalge”, warned that his personal information and Disney’s stolen slack data would be published if he does not cooperate.
After no response, Nullbulge posted a message on the Breachforums Hacking Forum on July 12, 2024, titled “Disney International Slack”, where he claimed to dissolve the Disney and leaked 1.1TB theft data including personal information of the van end.
“1.1TIB data. Around 10,000 channels, each message and file possible, dumped. Unpublished projects, raw images and codes, links to some login, internal API/ web pages, and more! Do fun shifting through it, there is a lot, there is a lot,” reads the forum post.
Source: Bleepingcomputer
Kremer has convicted a count to reach a computer and receive information and threaten to damage a protected computer. Each charge gives a five -year statutory maximum punishment in the federal jail.
He has also confirmed that two additional people downloaded their malware, so that they could get access to their computer. The FBI is currently investigating these additional people.
Los Angeles is expected to be in the federal court in the coming weeks in the early court.
Based on the analysis of 14M malicious tasks, search for the top 10 MITERAT & CK techniques behind the 93% attacks and how to defend them against them.
