Disney Employee Hacked Using Malicious AI in Guilty Plea
▼ Summary
– Ryan Kramer, 25, pleaded guilty to hacking a Disney employee by distributing a malicious AI image tool disguised as an open-source program.
– Kramer’s fake app, ComfyUI_LLMVISION, stole sensitive data like passwords and payment details, sending it to his Discord server.
– The Disney employee downloaded the tool in April 2024, allowing Kramer to access confidential Slack channels and 1.1TB of private data.
– Kramer later leaked the stolen data, including the employee’s personal and financial information, after posing as a hacktivist.
– Kramer admitted to hacking two other victims using the same tool, and the FBI is investigating; his court appearance is upcoming.
A California man has admitted to hacking a Disney employee by disguising malware as an AI image generation tool, marking one of the first known cases of artificial intelligence being weaponized for cybercrime. Ryan Mitchell Kramer, 25, entered a guilty plea for illegally accessing protected computers and stealing sensitive data through a rigged software program.
Court documents reveal Kramer uploaded a malicious application called ComfyUI_LLMVISION to GitHub, falsely presenting it as an extension for the legitimate ComfyUI AI art generator. The software secretly harvested passwords, financial details, and other confidential information from victims’ devices, funneling the stolen data to a private Discord server under his control. To evade detection, the malware cleverly concealed itself within files named after well-known AI firms like OpenAI and Anthropic.
The scheme unraveled when a Disney employee unknowingly installed the compromised tool in April 2024. Kramer infiltrated the victim’s computer, gaining access to internal Disney Slack channels and exfiltrating approximately 1.1 terabytes of proprietary data. Weeks later, posing as a hacktivist, he attempted to extort the employee before publicly leaking the stolen files—including private corporate documents and the victim’s personal financial and medical records.
Investigators confirmed at least two additional victims fell prey to the same trap. The FBI is actively pursuing the case, with Kramer scheduled to appear in court soon. This incident underscores the growing risks of AI-powered cyberattacks, where seemingly harmless tools can mask devastating security breaches. Authorities warn users to verify software sources and remain vigilant against suspicious downloads.
(Source: Ars Technica)
