Hacktivists claim to have stolen more than a terabyte of data from Disney’s internal chat platform and are leaking the information online in a protest against what they say is the company’s anti-artist stance.
The group, which calls itself NullBulge, has been active since at least May. It claims to be motivated by a desire to “protect artists’ rights and ensure fair compensation for their work”. On Friday, it published the entirety of Disney’s internal Slack channel online through the decentralised BitTorrent filesharing platform.
Unlike many corporate hackers, NullBulge seems not to be interested in financial rewards. The group did not publicly request a ransom from Disney, and posted the first selection of files from its stolen dataset almost immediately.
“Here is one I never thought I would get this quickly,” the group’s anonymous spokesperson said alongside the initial release. “Disney. Yes, that Disney. The attack has only just started, but we have some good shit.”
Others question the group’s motivations, however. Ilia Kolochenko, the chief executive of the cybersecurity firm ImmuniWeb, said the claims could simply be “a well thought-out smokescreen to mask the true identities and real motives of the hackers”.
“Hacktivists are highly unlikely to run operations of such scale to protect intellectual property and the rights of artists,” Kolochenko added.
Nonetheless, NullBulge’s methods have previously been in tune with its stated ideology. In June, a popular plugin for the AI image generator Stable Diffusion was found to have been compromised by the group. That tool, which provided an easy to use interface for the image generator, was updated to include malware from the hackers, which they used to steal further login credentials and extend their footprint in turn.
The group says it breached the Disney network through a developer who installed another tool it had compromised, a video game mod.
Its website features something close to a mission statement. “You Hacked Me Why?”, it asks. “We are sorry we had to do that to you, but we only do it if you have committed one of our sins.
“Crypto Promotion: We do not condone any form of promoting crypto currencies or crypto related products/services. AI artwork: We believe AI-generated artwork harms the creative industry and should be discouraged. Any form of Theft: Any theft from Patreons, other supportive artist platforms, or artists in general.”
Even the name of the group is evocative: NullBulge’s mascot is an anthropomorphic – “furry” – lion, covered in blue slime, with a noticeable bulge in its crotch.
In a statement to the Wall Street Journal, NullBulge added that it released the data immediately because it felt it would be “ineffective” to make demands of Disney: “If we said ‘Hello Disney, we have all your slack data’ they would instantly lock down and try to take us out. In a duel, you better fire first.”