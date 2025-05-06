In a surprising case that features the use of artificial intelligence (AI) for cybercrime, a 25-year-old California resident pleaded guilty to hacking a Walt Disney Company employee through the use of a malicious version of an in-demand AI image-making program.

The hack resulted in the theft of more than one terabyte of sensitive business and personal information.

Malicious AI Tool Brought into Disguise as Legitimate Software

According to the press release from the Central District of California, the accused, Ryan Mitchell Kramer, pleaded guilty to publishing a spoofed version of ComfyUI, an open-source image generator, under the fake name ComfyUI_LLMVISION.

Posing as an add-on to improve AI-created artwork, the software was riddled with malware that could steal passwords, payment details, and sensitive files.

Kramer, who did business online using the handle NullBulge, hosted the software on GitHub. Innocent victims who downloaded the imitation app did so unknowingly, thereby granting Kramer complete control over their computers.

The malware was coded to send data secretly to a Discord server that Kramer maintained. To conceal the scam, Kramer employed misleading file names invoking the names of well-established AI firms, such as OpenAI and Anthropic.

Disney Employee Targeted in Massive Data Breach

As reported by Ars Technica, the incident was discovered when one of Disney's employees downloaded the malware in April 2024. Once in, Kramer hacked into private Slack channels belonging to Disney, finally stealing around 1.1 TB of sensitive information. This included corporate internal files, creative material, and sensitive employee information.

Last July, Kramer impersonated a hacktivist group member and reached out to the employee, probably to manipulate or frighten them. With no response from the employee, Kramer took the matter to the public by leaking the stolen data. Some of the hacked information included the victim's financial records, medical records, and personal details.

FBI Investigation Continues as Charges Mount

Kramer pleaded guilty to two federal charges, including accessing a protected computer and obtaining information, and threatening to destroy a protected computer.

These are severe crimes under federal law, and the FBI continues its investigation. Court filings establish that two other victims also installed the tainted software, resulting in unauthorized access to their systems.

Cybersecurity Concerns Rise Over Open-Source Tools

With the popularity of open-source tools, companies, even high-profile companies like Disney, should be vigilant against potential AI software hacks.

While applications like ComfyUI are well established in design and developer circles as being safe to use, this incident reminds us how popular programs can be manipulated.

The altered version of ComfyUI was cleverly disguised, drawing attention to how hackers are now leveraging AI's popularity to spread advanced malware.

Experts warn developers and users alike to verify the authenticity of downloaded tools and inspect code before use, especially when hosted on public repositories like GitHub.

Kramer will be making his initial court appearance in the weeks ahead. If convicted, he faces substantial prison time, heavy fines, and extended computer use restrictions.

