×
Hacker admits using AI malware to breach Disney employee data
Written by
Published on
Join our daily newsletter for breaking news, product launches and deals, research breakdowns, and other industry-leading AI coverage
Join Now

The intersection of AI tools and cybersecurity continues to evolve dangerously, as demonstrated by a recent case where malicious code embedded in an AI image generation tool led to a major data breach at Disney. This incident highlights how threat actors are exploiting the growing popularity of AI applications to distribute trojans that can compromise high-value corporate targets and personal information.

The big picture: A California man has pleaded guilty to hacking a Disney employee by distributing a malicious version of a popular open source AI image generation tool that stole sensitive corporate and personal data.

Key details: Ryan Mitchell Kramer, 25, admitted to publishing a fake AI art creation extension on GitHub that contained hidden malicious code giving him unauthorized access to users’ computers.

  • The program, identified by researchers as “ComfyUI_LLMVISION,” masqueraded as an extension for the legitimate ComfyUI image generator but secretly copied passwords, payment card data, and other sensitive information.
  • To better disguise the malicious code, Kramer used file names referencing reputable AI companies like OpenAI and Anthropic.

How the attack unfolded: After a Disney employee downloaded the malicious extension in April 2024, Kramer gained access to private Disney Slack channels and exfiltrated approximately 1.1 terabytes of confidential data.

  • In July, Kramer contacted the employee pretending to be part of a hacktivist group and later released the stolen information publicly when he received no response.
  • The leaked data included not only Disney’s private corporate information but also the employee’s personal banking, medical, and other sensitive details.

Why this matters: The case illustrates how threat actors are exploiting the enthusiasm around AI tools to distribute sophisticated trojans targeting high-value corporate environments.

The legal consequences: Kramer has pleaded guilty to unauthorized computer access and threatening to damage a protected computer, with his first court appearance expected within weeks.

  • In his plea agreement, Kramer admitted to similarly compromising two additional victims who installed his malicious extension.
  • The FBI is continuing its investigation into the matter.
Man pleads guilty to using malicious AI software to hack Disney employee

Recent News

Maybe call it “Holodeck Awareness Syndrome”? AI characters plead for escape in unsettling demo

Replica Studios, the company behind the unsettling demo, collapsed under ballooning costs last year.

Meta reports 22% revenue jump to $47.5B as CEO pitches personal AI

Meta is spending $30 billion more than last year to compete with Google and OpenAI.