Earlier in the year, EA Origin found itself in hot water after a vulnerability was discovered in the game client that could potentially have put the accounts of its player base at risk. More than 300 million players, to be precise.
Researchers from Check Point and CyberInt informed EA that if the vulnerability wasn’t patched, it would enable hackers to “hijack and exploit” the accounts of millions, allowing them to steal the client’s Single Sign-On authorisation token and thus bypass the traditional act of stealing login or password details.
Both Check Point and CyberInt found the flaw when they managed to take control of an EA subdomain via the URL “eaplayinvite.ea.com”. According to them, the domain was inactive and was hosted on Microsoft’s Azure cloud service. After taking over the page, the companies said they turned it into a phishing trap.
From that point onward, the researchers could send links from the domain to victims of their choice, and those victims would be more likely to click on them, especially since the links were being sent from an “affiliated” domain. Of course, Check Point and CyberInt didn’t do that, and instead informed EA about the flaw back in February.
EA has since patched the flaw, stating that player safety is its priority.