Major security flaws were discovered on EA Origin, which forced the publisher to act quickly to correct them and avoid the risk to millions of users.
The leaks were detected by Check Point Research and CyberInt, who warned EA by pushing them to act quickly to plug the holes. There are no traces of the exploitation of these flaws, so no unauthorized access or data theft has been detected, with risks that seem to have remained confined to just a concept, but if someone had exploited these vulnerabilities practically the entire player base of the Electronic Arts client would have been defenseless in the face of attacks.
These flaws, apparently, were based on the exploitation of abandoned sub-domains by EA, in coordination with the use of authentication tokens used to connect to Origin, with the TRUST mechanisms that come into play with the login process. “These platforms are increasingly being targeted by hackers due to the huge amount of sensitive data of the users they own,” explained Oded Vanunu of Check Point, who suggests players to always use two-factor authentication for these accounts.
Check Point and CyberInt strongly advise users to enable two-factor authentication and only use the official website when downloading or purchasing games. Parents should create awareness among their children around the threat of online fraud, that cybercriminals will do anything to gain access to personal and financial details, which may be held as part of a gamer’s online account.
If you haven’t activated two-factor authentication, visit www.origin.com to do so.
Latest posts by Boris Bulj (see all)
- Nintendo Switch goes on sale in China from next week - December 5, 2019
- Persona 5 – More than three million copies sold worldwide - December 3, 2019
- The best PC, PS4, Xbox One & Switch Games coming in December 2019 - December 1, 2019
Source (Check Point Research)