Featured Articles

Hands on: Nvidia Shield Tablet with Android 5.0

Hands on: Nvidia Shield Tablet with Android 5.0

We broke the news of Nvidia's ambitious gaming tablet plans back in May and now the Shield tablet got a bit…

More...
Nokia N1 Android tablet ships in Q1 2015

Nokia N1 Android tablet ships in Q1 2015

Nokia has announced its first Android tablet and when we say Nokia, we don’t mean Microsoft. The Nokia N1 was designed…

More...
Marvell launches octa-core 64-bit PXA1936

Marvell launches octa-core 64-bit PXA1936

Marvell is better known for its storage controllers, but the company doesn’t want to give up on the smartphone and…

More...
TSMC 16nm FinFET Plus in risk production

TSMC 16nm FinFET Plus in risk production

TSMC’s next generation 16nm process has reached an important milestone – 16nm FinFET Plus (16FF+) is now in risk production.

More...
Nvidia GTX 970 SLI tested

Nvidia GTX 970 SLI tested

Nvidia recently released two new graphics cards based on its latest Maxwell GPU architecture, with exceptional performance-per-watt. The Geforce GTX 970…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 20 March 2013 10:34

EA gets more bad news

Written by Nick Farrell



Origin vulnerable to hacking

EA Games has just received even more bad news as researchers discover a big hole in its Origin game store. The company, which stuffed up a flagship launch of SimCity, and lost its CEO, has just been told that 10 million people who use its Origin game store are at risk from a hack attack that swaps games for malicious code.

A loophole in the way Origin handles links to games users have downloaded and installed to make it run code that compromised a target machine. So far it does not appear that the loophole has yet been used by malicious hackers. EA said that it is investigating the vulnerability. Origin acts as a distribution system, where customers can buy, download and manage EA video games as well as chat with friends about them.

Donato Ferrante and Luigi Auriemma, from security company ReVuln, found a weakness in the way games were started via Origin. Apparently Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play.

But if you mess around with this you can make it point to malicious code instead of a game.

"An attacker can craft a malicious internet link to execute code remotely on victim's system, which has Origin installed," wrote the researchers in a paper detailing their work.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments