The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: EA Games

Account Takeover Vulnerability Found in Popular EA Games Origin Platform

Account Takeover Vulnerability Found in Popular EA Games Origin Platform

June 26, 2019Mohit Kumar
A popular gaming platform used by hundreds of millions of people worldwide has been found vulnerable to multiple security flaws that could have allowed remote hackers to takeover players' accounts and steal sensitive data. The vulnerabilities in question reside in the "Origin" digital distribution platform developed by Electronic Arts (EA)—the world's second-largest gaming company with over 300 million users—that allows users to purchase and play some of the most popular video games including Battlefield, Apex Legends, Madden NFL, and FIFA. The Origin platform also manages users EA Games account authentication and allows them to find friends, join games, and manage their profiles. Discovered by researchers at Check Point and CyberInt, the vulnerabilities when chained together could have allowed attackers to hijack gamer's EA account just by convincing them into opening an official webpage from the EA Games website. To perform this attack, as shown in th
EA Games website hacked; Phishing page hosted to steal Apple IDs

EA Games website hacked; Phishing page hosted to steal Apple IDs

March 20, 2014Swati Khandelwal
Recently we aware you about the tricky phishing scam targeting Google Docs and Google Drive , a similar phishing scam has been detected by the researchers targeting Apple users to steal users' credentials. According to the researchers at Netcraft , a UK based security services company, the hackers have compromised the web server owned by the gaming company, Electronic Arts (EA) to host a phishing site which targets Apple ID Account holders, asking for users' Apple ID and password, along with their full name and date of birth and credit card details as well. " The phishing site attempts to trick a victim into submitting his Apple ID and password. It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a  fraudsters , " wrote the researchers in a blog post. The Hackers compromised the EA Games server by exp
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.