Featured Articles

Nvidia Shield 2 shows up in AnTuTu

Nvidia Shield 2 shows up in AnTuTu

Nvidia’s original Shield console launched last summer to mixed reviews. It went on sale in the US and so far Nvidia…

More...
AMD CSO John Byrne talks ARM

AMD CSO John Byrne talks ARM

We had a chance to talk about AMD’s upcoming products with John Byrne, Chief Sales Officer, AMD. We covered a number…

More...
AMD Chief Sales Officer thinks GPU leadership is critical

AMD Chief Sales Officer thinks GPU leadership is critical

We had a chance to talk to John Byrne who spent the last two years as Senior Vice President and Chief…

More...
OpenPlus One $299 5.5-inch Full HD phone

OpenPlus One $299 5.5-inch Full HD phone

OnePlus is one of the few small companies that might disrupt the Android phone market, dominated by giant outfits like Samsung.…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 20 March 2013 10:34

EA gets more bad news

Written by Nick Farrell



Origin vulnerable to hacking

EA Games has just received even more bad news as researchers discover a big hole in its Origin game store. The company, which stuffed up a flagship launch of SimCity, and lost its CEO, has just been told that 10 million people who use its Origin game store are at risk from a hack attack that swaps games for malicious code.

A loophole in the way Origin handles links to games users have downloaded and installed to make it run code that compromised a target machine. So far it does not appear that the loophole has yet been used by malicious hackers. EA said that it is investigating the vulnerability. Origin acts as a distribution system, where customers can buy, download and manage EA video games as well as chat with friends about them.

Donato Ferrante and Luigi Auriemma, from security company ReVuln, found a weakness in the way games were started via Origin. Apparently Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play.

But if you mess around with this you can make it point to malicious code instead of a game.

"An attacker can craft a malicious internet link to execute code remotely on victim's system, which has Origin installed," wrote the researchers in a paper detailing their work.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments