A California man has pleaded responsible to hacking an worker of The Walt Disney Firm by tricking the individual into operating a malicious model of a extensively used open supply AI image-generation instrument.
Ryan Mitchell Kramer, 25, pleaded responsible to 1 rely of accessing a pc and acquiring data and one rely of threatening to break a protected pc, the US Lawyer for the Central District of California said Monday. In a plea settlement, Kramer mentioned he revealed an app on GitHub for creating AI-generated artwork. This system contained malicious code that gave entry to computer systems that put in it. Kramer operated utilizing the moniker NullBulge.
Not the ComfyUI you’re on the lookout for
In response to researchers at VPNMentor, this system Kramer used was ComfyUI_LLMVISION, which presupposed to be an extension for the respectable ComfyUI picture generator and had capabilities added to it for copying passwords, cost card knowledge, and different delicate data from machines that put in it. The pretend extension then despatched the information to a Discord server that Kramer operated. To raised disguise the malicious code, it was folded into information that used the names OpenAI and Anthropic.
Two information mechanically downloaded by ComfyUI_LLMVISION, as displayed by a person’s Python package deal supervisor.
Credit score:
VPNMentor
The Disney worker downloaded ComfyUI_LLMVISION in April 2024. After gaining unauthorized entry to the sufferer’s pc and on-line accounts, Kramer accessed personal Disney Slack channels. In Might, he downloaded roughly 1.1 terabytes of confidential knowledge from 1000’s of the channels.
In early July, Kramer contacted the worker and pretended to be a member of a hacktivist group. Later that month, after receiving no reply from the worker, Kramer publicly launched the stolen data, which, in addition to personal Disney materials, additionally included the worker’s financial institution, medical, and private data.
Within the plea settlement, Kramer admitted that two different victims had put in ComfyUI_LLMVISION, and he gained unauthorized entry to their computer systems and accounts as properly. The FBI is investigating. Kramer is predicted to make his first courtroom look within the coming weeks.
