EA's Origin Leaves Gamers Vulnerable to Hackers

4.8
Research group ReVuln has found a potentially dangerous URI exploit within EA's Origin client which could leave as many as 40 million gamers vulnerable.

The ReVuln team gave a presentation last week at the Black Hat security conference in Amsterdam. Apparently, getting someone to click on an "origin://" prefixed link is all it takes, as the Origin client then downloads a dynamic link library file to the victim's computer. The ReVuln team has also released a paper, detailing the exploit, which mentions a similar vulnerability discovered in Valve's Steam platform last year.

Speaking to Ars Technica, Electronic Arts says the company is aware of the issue, and seems to be addressing the problem in some manner.

"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure", said an EA spokesperson.

Posted:

Source: http://au.ign.com/articles/2013/03/19/eas-origin-has-an-exploit-leaving-gamers-vulnerable-to-hackers

Comments

"EA's Origin Leaves Gamers Vulnerable to Hackers" :: Login/Create an Account :: 169 comments

If you would like to post a comment please signin to your account or register for an account.

EulerPosted:

M60
Smurfs This needs to be fixed soon.


They already have as i said below


Drumstep
TTG_Negative i hope they fix this soon before somthing serious happens


so do I


They have fixed it already


They did fix it quickly, but I don't think this should have been something that they should have needed to have fixed. It should have been perfect from the beginning in my opinion.

EulerPosted:

RTE
Euler
Wubs Heh, I dont use EA orgins but I feel bad for whomever gets effected by this.


Yeah me too! I hope not many people got hacked..

(by the way i loved how you used whomever! :) )


Yeah, I don't use it either. But it's amazing how EA would leave it so unprotected


Yeah this really surprised me too, how open they left it :/

IlIuminatiPosted:

Euler
Wubs Heh, I dont use EA orgins but I feel bad for whomever gets effected by this.


Yeah me too! I hope not many people got hacked..

(by the way i loved how you used whomever! :) )


Yeah, I don't use it either. But it's amazing how EA would leave it so unprotected

EulerPosted:

Wubs Heh, I dont use EA orgins but I feel bad for whomever gets effected by this.


Yeah me too! I hope not many people got hacked..

(by the way i loved how you used whomever! :) )

EulerPosted:

PGA
iPlayDirty atleast it got fixed pretty quick!


Yeah, then a lot of people would be getting free games.


Yeah exactly, they're not going to be letting that happen

EulerPosted:

iPlayDirty atleast it got fixed pretty quick!


When companies see something that will lose them money, that's when they put all their efforts in to fixing them as quickly as they can

PGAPosted:

iPlayDirty atleast it got fixed pretty quick!


Yeah, then a lot of people would be getting free games.

iPlayDirtyPosted:

atleast it got fixed pretty quick!

KelcyPosted:

Thank god they have fixed this could have gone wrong

CearnsyPosted:

Smurfs This needs to be fixed soon.


They already have as i said below


Drumstep
TTG_Negative i hope they fix this soon before somthing serious happens


so do I


They have fixed it already