'NullBulge' threat actor targets software supply chain, AI tech

New SentinelOne research revealed a threat actor known as "NullBulge" is conducting financially motivated attacks on the software supply chain under the guise of hacktivism.

The research from SentinelLabs, published as a blog Tuesday, concerns an emerging threat group that most recently claimed to have conducted a high-profile data theft attack against Disney's internal Slack communications. According to SentinelOne senior threat researcher Jim Walter, the gang targets AI and gaming focused entities "by weaponizing code in publicly available repositories on GitHub and Hugging Face, leading victims to import malicious libraries, or through mod packs used by gaming and modeling software."

NullBulge emerged at least as early as April, Walter said, projecting an anti-AI, pro-artist activist message. The group advertises on its data leak site that it aims to conduct "payback through honeypots and malicious mods [third-party video game modifications]" in the communities of AI-art-adjacent applications and games. In one example, NullBulge targeted users of vehicle simulation game BeamNG by publishing malicious mods to relevant forums.

Despite this hacktivist persona, SentinelLabs' research found evidence that the group's activities were at least partially financially motivated in nature. Walter wrote that the group sold infostealer logs as well as OpenAI API keys on hacker forums. Although the group utilizes ransomware, Walter told TechTarget Editorial that SentinelLabs has not identified any evidence that NullBulge has received a ransom payment as of yet.

In addition, Walter said that its targets have included a number of organizations are religious in nature and have nothing to do with AI, such as the Fellowship of Companies for Christ International and HowWeLove[.]com. Walter concluded that NullBulge has adopted its hacktivist identity as a tool for economic gain.

SentinelOne categorized the technical end of NullBulge's activities as "poisoning the well."

"The group targets the software supply chain by injecting malicious code into legitimate software distribution mechanisms, exploiting trusted platforms like GitHub, Reddit and Hugging Face to maximize their reach. NullBulge announces their leaks via their own DLS/blog site, alongside occasional 4chan threads," Walter wrote in the blog post. "Further, the group is using customized LockBit ransomware builds to maximize the impact of their attacks."

According to SentinelOne's research, NullBulege carried out a series of supply chain attacks in May and June that targeted AI tools and platforms. These attacks included a full compromise of a ComfyUI extension on GitHub called LLM Vision. The threat group used Python-based payloads in seemingly legitimate software repositories that harvest data from unsuspecting users and exfiltrate that data through a Discord webhook.

But while NullBulge utilizes custom LockBit builds and aims to focuses on supply chain-related threat activity, the research referred to the group as a "low-sophistication actor, targeting an emerging pool of victims with commodity malware and ransomware." Asked why this was the case, Walter told TechTarget Editorial it is because the gang uses "techniques that are fairly simple to execute, but nothing bespoke or new."

"This is not state-sponsored, zero-day-laden activity. This is commodity malware distribution dressed up a bit," he said.

The research blog concludes that NullBulge is notable because it reflects a sea change toward easier-to-execute ransomware.

"The group's invasive targeting of AI-centric games and applications poses a threat to those working with such technologies and highlights an intriguing area of focus for threat actors. Its methods of staging and delivering malicious code -- such as obfuscated code in public repositories -- is not new, but the target demographic is an emerging sector which is increasingly being targeted," Walter wrote. "Groups like NullBulge represent the ongoing threat of low-barrier-of-entry ransomware, combined with the evergreen effect of infostealer infections."

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.