Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,178
- Points
- 113
The leak calls into question the safety of employees and future projects.
A group of hackers calling themselves NullBulge announced a large-scale attack on the Disney company. According to the attackers, they managed to steal more than a terabyte of confidential data from internal Slack channels that were used by the media giant's developers.
Slack is a cloud-based communication and collaboration platform. It allows you to exchange messages, files, and conduct video conferences in real time, which ensures effective interaction and project management. By integrating with many other apps and services, Slack simplifies workflows.
Representatives of NullBulge report that the stolen information covers messages and files from 10,000 channels. "1.1 terabytes of files and correspondence. We siphoned off everything we could get our hands on. Do you want to see what's going on behind the scenes? " the hackers write on their blog.
The leak allegedly includes information about unannounced projects, source images and program code, some credentials, links to internal web resources, and other confidential information.
According to unverified data, the attackers also managed to get into corporate chats with a variety of screenshots, photos of pets, phone numbers and other "little things" that employees share with each other.
In hacking allegedly helped one of the studio employees. The leak could have contained even more data, but, as the hackers themselves write, "at some point, our man got cold feet and kicked us out of the system!"
Despite the fact that the fact of the leak has not yet been officially confirmed, if the statements of NullBulge are true, the stolen array of information can become a real storehouse for cybercriminals. For example, groups that specialize in ransomware often choose victims with the greatest potential for attacks on supply chains. Uncovered corporate secrets can make it much easier for intruders to get into the heart of the Disney corporation.
In the past, hackers have repeatedly hacked into the internal Slack channels of various organizations. So, the video game publisher Activision faced a leak: criminals got access to the corporate Slack environment and the product release schedule. And in 2022, a hacker broke through Uber's cyber defense system and left a message in the company's Slack channels, presumably protesting the driver's pay policy.
NullBulge is a little-known group that positions itself as "hacktivists who protect the rights of artists and fight for fair remuneration for their work."
According to available information, the group previously distributed malicious tools for working with generative AI services. These programs, disguised as legitimate Stable Diffusion software, were hosted on the GitHub platform.
At the time of the news release, Disney has not yet confirmed or commented on the information about the alleged attack.
Source
A group of hackers calling themselves NullBulge announced a large-scale attack on the Disney company. According to the attackers, they managed to steal more than a terabyte of confidential data from internal Slack channels that were used by the media giant's developers.
Slack is a cloud-based communication and collaboration platform. It allows you to exchange messages, files, and conduct video conferences in real time, which ensures effective interaction and project management. By integrating with many other apps and services, Slack simplifies workflows.
Representatives of NullBulge report that the stolen information covers messages and files from 10,000 channels. "1.1 terabytes of files and correspondence. We siphoned off everything we could get our hands on. Do you want to see what's going on behind the scenes? " the hackers write on their blog.
The leak allegedly includes information about unannounced projects, source images and program code, some credentials, links to internal web resources, and other confidential information.
According to unverified data, the attackers also managed to get into corporate chats with a variety of screenshots, photos of pets, phone numbers and other "little things" that employees share with each other.
In hacking allegedly helped one of the studio employees. The leak could have contained even more data, but, as the hackers themselves write, "at some point, our man got cold feet and kicked us out of the system!"
Despite the fact that the fact of the leak has not yet been officially confirmed, if the statements of NullBulge are true, the stolen array of information can become a real storehouse for cybercriminals. For example, groups that specialize in ransomware often choose victims with the greatest potential for attacks on supply chains. Uncovered corporate secrets can make it much easier for intruders to get into the heart of the Disney corporation.
In the past, hackers have repeatedly hacked into the internal Slack channels of various organizations. So, the video game publisher Activision faced a leak: criminals got access to the corporate Slack environment and the product release schedule. And in 2022, a hacker broke through Uber's cyber defense system and left a message in the company's Slack channels, presumably protesting the driver's pay policy.
NullBulge is a little-known group that positions itself as "hacktivists who protect the rights of artists and fight for fair remuneration for their work."
According to available information, the group previously distributed malicious tools for working with generative AI services. These programs, disguised as legitimate Stable Diffusion software, were hosted on the GitHub platform.
At the time of the news release, Disney has not yet confirmed or commented on the information about the alleged attack.
Source
