Добавить новость

Стали известны лауреаты ежегодной Национальной премии доверия покупателей МАРКА №1 в РОССИИ 2024

Архитектор Муринец оценила строительство флагманского центра ГКБ имени Буянова

Команда школы № 72 города Брянска прошла в полуфинал международного чемпионата «Битва роботов»

На рынке новостроек Московской области наблюдается снижение спроса на жилье



Новости сегодня

Новости от TheMoneytizer

A furry hacktivist group has breached Disney, leaked 1.1TiB of data, and says it's because Club Penguin shut down

Disney has suffered a massive leak of employee and company information, after hackers claimed one of its software managers was the victim of a Trojan horse malware attack. A whopping 1.1 terabytes of data has been leaked online, including personal information and details of unannounced products, including videogames. And the hackers say they're furries, and cite the shutdown of Club Penguin in March 2017 as justification.

The so-called hacktivist group is called Nullbulge and let me do you a favour: don't Google that word. It's one of those fanart terms referring to a prominent groinal bulge that usually has a giant lock illustration on it. Nullbulge describes itself as "a hacktivist group protecting artists' rights and ensuring fair compensation for their work," and this statement of intent is accompanied by a very NSFW image of a lion, which emphasises the beast's package.

The group lists a bunch of things that, it says, makes a target fair game. These include "crypto promotion", "AI artwork", "any form of theft", and generally anything to do with creator compensation. Disney of course is right in the middle of the fights around AI use, whether that's CEO Bob Iger's outspoken opposition to the SAG-AFRA strike fighting for AI regulation and opposing artificial likenesses of actors and their voices, or the use of AI tech in the creation of upcoming projects.

"Our hacks are not those of malice," claim Nullbulge, "but those to punish those caught stealing. Big and small theft, meet the same fate." Big talk but, on this occasion at least, it's been backed up. We'll come to how it happened shortly, but after dropping various hints and some minor leaks, Nullbudge released all the data it had stolen from Disney alongside the following statement:

"Hi there folks, it's us again. 

"Yesturday [sic] we leaked some small DB, now we leak the big guns. 

"1.1 TiB of data, almost 10,000 channels, every message and file possible dumped. Unreleased projects, raw images and code, some logins, links to internal API / web pages, and more! Have fun sifting through it, there is a lot there. Perfect for gathering intelligence and more.

"Bet they never imagined taking down Club Penguin servers would cause this much shite."

So how did this happen? A classic piece of Trojan horse malware that, apparently, was packaged up with a mod for BeamNG, a popular game often seen in social media clips that is basically about all kinds of vehicle physics and crashing things. This "mod" was downloaded by a Disney manager of software development on their personal computer, which also had access to Disney's Slack channels (a popular corporate messaging system). Once the hacking group was in, it perpetrated a second hack on the same employee through an unknown method, and began downloading everything it could. The Disney employee eventually noticed and managed to block further access, but only after all of the above data had been stolen.

The grim element of this is the human side. This employee who was successfully targeted will undoubtedly face serious professional consequences, and in an extremely unpleasant move the hacker group went out of their way to publicly name the victim and release other personal information. But as well as that individual's life being altered, the group has obtained and released a huge amount of personal data and information about other Disney employees.

This is where hacktivism gets a bit queasy, to my taste anyway. We can talk all day about Disney as a corporate or cultural entity, its role in the media landscape, what it does well and what it does terribly, and what it should be held to account for. Disney's influence and size makes it a target for such groups, but when the crosshairs start falling on the lives of individuals who happen to work at Disney, who in almost all cases will be nowhere near the executive level where decisions are made, it rather invalidates any wider ethical point the hacktivist group wishes to make.

The idea of Disney being caught with its cyber-trousers down is, I will admit, somewhat amusing. But the idea of potential real-life consequences for individuals who just happen to work for the company is not.

This gets to a wider point about Nullbulge, which is that the group's branding and claims should not be taken at face value. Hacktivism is a convenient justification, the furry links may well be a red herring, and it may just be one person rather than a team. Infosec professionals particularly doubt the group's claims of Russian origin, while elsewhere online internet sleuths are claiming to have identified the individual responsible.

As you can imagine, Nullbulge's various online accounts have been swiftly nuked by Disney lawyers, and the leak is no longer easily available. It apparently includes data going back to 2019 including enormous amounts of internal communications, notes on employees and prospective employees and, presumably Nullbulge's greatest prize, photographs of employees' dogs.

Nullbulge sent an online message to the Wall Street Journal saying it targeted Disney "due to how it handles artist contracts, its approach to AI, and it’s [sic] pretty blatant disregard for the consumer." It said the data was released because Disney was not going to respond to its demands: "If we said 'Hello Disney, we have all your slack data' they would instantly lock down and try to take us out. In a duel, you better fire first."

Eric Parker, a security researcher who has been following the group's online activities, told the WSJ he believes that Nulldbudge is not a group, but one young man. "He's not doing it for money," said Parker. "I think this is an attention-seeking exercise."

This is not the first time Disney has been hacked: Disney+ user data was hacked several years ago. But this is a hack on a different scale and, while the information therein is not currently being disseminated widely, it is out there: which for the company's employees especially must be terrible.

This is also not the first time a hacktivist group has claimed to be furries. Last year self-described gay furry hackers breached one of the biggest nuclear labs in the US, and demanded it begin researching 'IRL catgirls'. Coincidence, or the start of a trend?

Disney has issued a simple statement regarding the hack, saying only "Disney is investigating this matter." It has not commented on the shutdown of Club Penguin.

Читайте на 123ru.net


Новости 24/7 DirectAdvert - доход для вашего сайта



Частные объявления в Вашем городе, в Вашем регионе и в России



Smi24.net — ежеминутные новости с ежедневным архивом. Только у нас — все главные новости дня без политической цензуры. "123 Новости" — абсолютно все точки зрения, трезвая аналитика, цивилизованные споры и обсуждения без взаимных обвинений и оскорблений. Помните, что не у всех точка зрения совпадает с Вашей. Уважайте мнение других, даже если Вы отстаиваете свой взгляд и свою позицию. Smi24.net — облегчённая версия старейшего обозревателя новостей 123ru.net. Мы не навязываем Вам своё видение, мы даём Вам срез событий дня без цензуры и без купюр. Новости, какие они есть —онлайн с поминутным архивом по всем городам и регионам России, Украины, Белоруссии и Абхазии. Smi24.net — живые новости в живом эфире! Быстрый поиск от Smi24.net — это не только возможность первым узнать, но и преимущество сообщить срочные новости мгновенно на любом языке мира и быть услышанным тут же. В любую минуту Вы можете добавить свою новость - здесь.




Новости от наших партнёров в Вашем городе

Ria.city

Архитектор Муринец оценила строительство флагманского центра ГКБ имени Буянова

Стали известны лауреаты ежегодной Национальной премии доверия покупателей МАРКА №1 в РОССИИ 2024

Полиция задержала жителя Подмосковья, который выбросил раненого кота на улицу

Ликсутов: Бесплатные парковки для велокурьеров появились в Москве

Музыкальные новости

МТС интегрирует «Фиксиков» в детские сервисы

Якутский «Спартак» удачно выступил в Чите на турнире по футболу

Собянин: Москвичи завоевали 117 наград национального чемпионата «Абилимпикс»

Чемпионат России по баскетболу стартовал в Брянске

Новости России

На рынке новостроек Московской области наблюдается снижение спроса на жилье

Ликсутов: Бесплатные парковки для велокурьеров появились в Москве

В Ленинском округе завершены работы по программе «Светлый город»

Дома по технологии фахверк от «РичВуд»

Экология в России и мире

https://telegra.ph/Pod-Simferopolem-stroitsya-mini-gorod-ot-InterCtroj-10-29

Фестиваль «Стенограффия» в Екатеринбурге: большой праздник уличного искусства

"Женское дело. Лаборатория успеха". В гостях Александра Котельникова

«585*ЗОЛОТОЙ» рассказала о продажах и необычных свойствах украшений с драгоценными камнями

Спорт в России и мире

«Почему ты такая низкая?» Арина Соболенко пошутила над известной теннисисткой. Видео

Елена Рыбакина вылетела на Итоговый турнир WTA

Карен Хачанов выиграл девять из последних десяти матчей на турнирах ATP

Елена Рыбакина провела первую тренировку на Итоговом турнире WTA

Moscow.media

Bluetooth-сканер штрих-кодов SAOTRON P04 на базе CMOS-матрицы

В честь исполнителя роли Шурика из "Операции "Ы" назвали улицу в Екатеринбурге

Защитите свой автомобиль от зимнего гнева! Экспертный уход Aqua Complex – это просто

Рускеальский экспресс в осенней сказке.











Топ новостей на этот час

Rss.plus






Спланировать переезд и прикрепиться к поликлинике помогает суперсервис «Переезд в Москве»

Мальдивские отели приветствуют нового управленца

“Фанагория” получила специальный приз «Золотой Дионис» на Top100Wines 2024 за “ценность и достоинство вне времени”

Юрист Бондаренко посоветовала не брать микрозаймы под залог квартиры, чтобы не лишиться недвижимости