Featured Articles

IHS teardown reveals Galaxy S5 BOM

IHS teardown reveals Galaxy S5 BOM

Research firm IHS got hold of Samsung’s new flagship smartphone and took it apart to the last bolt to figure out…

More...
Galaxy S5, HTC One M8 available selling well

Galaxy S5, HTC One M8 available selling well

Samsung’s Galaxy S5 has finally gone on sale and it can be yours for €699, which is quite a lot of…

More...
Intel lists Haswell refresh parts

Intel lists Haswell refresh parts

Intel has added a load of Haswell refresh parts to its official price list and there really aren’t any surprises to…

More...
Respawn confirms Titanfall DLC for May

Respawn confirms Titanfall DLC for May

During his appearance at PAX East panel and confirmed on Twitter, Titanfall developer Respawn confirmed that the first DLC pack for…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 20 March 2013 10:34

EA gets more bad news

Written by Nick Farrell



Origin vulnerable to hacking

EA Games has just received even more bad news as researchers discover a big hole in its Origin game store. The company, which stuffed up a flagship launch of SimCity, and lost its CEO, has just been told that 10 million people who use its Origin game store are at risk from a hack attack that swaps games for malicious code.

A loophole in the way Origin handles links to games users have downloaded and installed to make it run code that compromised a target machine. So far it does not appear that the loophole has yet been used by malicious hackers. EA said that it is investigating the vulnerability. Origin acts as a distribution system, where customers can buy, download and manage EA video games as well as chat with friends about them.

Donato Ferrante and Luigi Auriemma, from security company ReVuln, found a weakness in the way games were started via Origin. Apparently Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play.

But if you mess around with this you can make it point to malicious code instead of a game.

"An attacker can craft a malicious internet link to execute code remotely on victim's system, which has Origin installed," wrote the researchers in a paper detailing their work.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments