×
Hacker admits using AI malware to breach Disney employee data
Written by
Published on
Join our daily newsletter for breaking news, product launches and deals, research breakdowns, and other industry-leading AI coverage
Join Now

The intersection of AI tools and cybersecurity continues to evolve dangerously, as demonstrated by a recent case where malicious code embedded in an AI image generation tool led to a major data breach at Disney. This incident highlights how threat actors are exploiting the growing popularity of AI applications to distribute trojans that can compromise high-value corporate targets and personal information.

The big picture: A California man has pleaded guilty to hacking a Disney employee by distributing a malicious version of a popular open source AI image generation tool that stole sensitive corporate and personal data.

Key details: Ryan Mitchell Kramer, 25, admitted to publishing a fake AI art creation extension on GitHub that contained hidden malicious code giving him unauthorized access to users’ computers.

  • The program, identified by researchers as “ComfyUI_LLMVISION,” masqueraded as an extension for the legitimate ComfyUI image generator but secretly copied passwords, payment card data, and other sensitive information.
  • To better disguise the malicious code, Kramer used file names referencing reputable AI companies like OpenAI and Anthropic.

How the attack unfolded: After a Disney employee downloaded the malicious extension in April 2024, Kramer gained access to private Disney Slack channels and exfiltrated approximately 1.1 terabytes of confidential data.

  • In July, Kramer contacted the employee pretending to be part of a hacktivist group and later released the stolen information publicly when he received no response.
  • The leaked data included not only Disney’s private corporate information but also the employee’s personal banking, medical, and other sensitive details.

Why this matters: The case illustrates how threat actors are exploiting the enthusiasm around AI tools to distribute sophisticated trojans targeting high-value corporate environments.

The legal consequences: Kramer has pleaded guilty to unauthorized computer access and threatening to damage a protected computer, with his first court appearance expected within weeks.

  • In his plea agreement, Kramer admitted to similarly compromising two additional victims who installed his malicious extension.
  • The FBI is continuing its investigation into the matter.
Man pleads guilty to using malicious AI software to hack Disney employee

Recent News

AI courses from Google, Microsoft and more boost skills and résumés for free

As AI becomes critical to business decision-making, professionals can enhance their marketability with free courses teaching essential concepts and applications without requiring technical backgrounds.

Veo 3 brings audio to AI video and tackles the Will Smith Test

Google's latest AI video generation model introduces synchronized audio capabilities, though still struggles with realistic eating sounds when depicting the celebrity in its now-standard benchmark test.

How subtle biases derail LLM evaluations

Study finds language models exhibit pervasive positional preferences and prompt sensitivity when making judgments, raising concerns for their reliability in high-stakes decision-making contexts.