EA Releases Fix for Origin Bug that Left Millions of Accounts Exposed

EA, the company behind award-winning titles such as Apex Legends, Anthem, and Battlefield V, has just announced that a patch has been released for the Origin quagmire. Per the company’s statements, the bug, which was actually a zero-day vulnerability, left some 300 million user accounts exposed.

The result – hackers could have gotten away with credentials, microtransactions, and even real cash. If you’re still running an older version of EA’s Origin, you should update it as soon as possible to prevent any mishaps.

What’s this all about Origin being on the fritz?

The good news is that Origin is back to being, well, the gaming platform we all grew accustomed to, minus one zero-day vulnerability. The breach was discovered by CyberInt and Check Point, two cybersecurity companies that regularly conduct infiltration tests on various platforms.

This time, it was EA’s turn. Now, according to Oded Vanunu, Check Point’s head of products vulnerability research, the vulnerability was related to the Single Sign-on authorization tokens. In other words, the hacker did not need to steal your username and passwords to take over your account.

They simply would have requested a one-time sign-in token, which doesn’t require either of those things.

If granted access, the attacker could have gotten away with your game codes, plain-text passwords, personal and financial information.

Fortunately, this is no longer the case. Earlier this week, the company announced that the issue had been resolved. No reason to fear, unless you’re running an older version of Origin.

So, aren’t you the least bit curious about how Check Point and CyberInt managed to identify the vulnerability in the first place?

A bit of background first – the same thing happened with Facebook and Fortnite, a popular massive-multiplayer online RPG.

After the vulnerabilities were revealed, users became a tad more suspicious about giving away their credentials. So, the hackers turned to the next best thing: authorization tokens.

From a personal standpoint, I have to say that these one-time sign-in tokens are the best thing that happened to account management since autofill (saved my can more than once after losing my passwords).

However, if someone were to, say, hijack these tokens, that person could get into your account without bothering to steal your credentials.

Now back to the Origin imbroglio – Check Point and CyberInt managed to prove that the culprit was an outdated EA subdomain. By taking control of this subdomain, which was listed under ea.playinvite.ea.com and hosted on the Azure cloud, the security experts managed to successfully inject a phishing trap.

This spells double trouble, considering that the trap was set on EA’s own domains; the user would have simply followed the link and never suspected a thing.
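For anyone running their own domains, the defensive counterpart is a periodic audit for subdomains that still point at released cloud resources. The script below is an added example, not code from EA, Check Point or CyberInt; it assumes the forgotten subdomain is a CNAME to a provider-assigned Azure hostname, and the zone records, inventory and resolver results are constructed sample data.

```python
import socket

# Provider-assigned Azure hostname suffixes; a released name under these can be
# registered again by any tenant. Extend for other providers you use.
CLAIMABLE_SUFFIXES = (".azurewebsites.net", ".cloudapp.net",
                      ".cloudapp.azure.com", ".trafficmanager.net")

# Constructed zone export and inventory (example.com names, not EA data).
SAMPLE_ZONE = """\
www.example.com.     300 IN CNAME example-www.azurewebsites.net.
invite.example.com.  300 IN CNAME example-invite-old.azurewebsites.net. ; retired campaign
promo.example.com.   300 IN CNAME example-promo.azurewebsites.net.
shop.example.com.    300 IN CNAME shop.example-cdn.net.
mail.example.com.    300 IN A     192.0.2.10
"""
SAMPLE_INVENTORY = {"example-www.azurewebsites.net"}  # resources we still own
SAMPLE_LIVE = {"example-www.azurewebsites.net", "example-promo.azurewebsites.net"}

def parse_cnames(zone_text):
    """Yield (owner, target) for CNAME lines; assumes the owner name is on every line."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing zone-file comments
        if "CNAME" in fields[1:-1]:
            target = fields[fields.index("CNAME", 1) + 1]
            yield fields[0].rstrip(".").lower(), target.rstrip(".").lower()

def system_resolves(name):
    """Default resolver check: True if the name currently resolves."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False

def audit(zone_text, inventory, resolves=system_resolves):
    """Flag CNAMEs to claimable cloud names that are not in our own inventory."""
    findings = []
    for owner, target in parse_cnames(zone_text):
        if not target.endswith(CLAIMABLE_SUFFIXES) or target in inventory:
            continue
        # Unresolved: the name is free to register. Resolving: it is registered,
        # but not by a resource in our inventory, so check who holds it.
        status = "resolves-but-not-ours" if resolves(target) else "dangling"
        findings.append((owner, target, status))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ZONE, SAMPLE_INVENTORY, lambda n: n in SAMPLE_LIVE):
        print(*finding)
```

Either finding is a reason to delete the DNS record or re-point it at a resource you control before relying on that hostname for sign-in traffic.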

Wrap-up

Is the issue fixed? Yes, it is, or at least that’s what Adrian Stone, EA’s director of platform and game security, says. When asked about how severe this issue was, Stone said that this zero-day bug impacted some 300 million users.

What are your thoughts on Origin’s zero-day vulnerability? Is the platform safe again? Head to the comments section and let me know.

About Daniel Sadler

Old-school PC gamer, poetry buff, cat lover, tech wiz. His writing career began almost two decades ago when he modestly acknowledged that hindsight or, lack thereof, can compromise security. He enjoys spending quality time with his friends and family. Most of his friends refer to Daniel as a "man of a few words, but, man, what words!" His interests include cybersecurity, IT, blogging, and, of course, everything related to technology.
