A flaw was found in EA Origin that could have exposed 300 million players to account takeovers. The flaw would have allowed hackers to hijack people’s accounts without stealing their login or password. Instead, an attacker would steal a Single Sign-On authorization token, which could give hackers complete control of the account. The security researchers who discovered the flaw were able to take control of an EA subdomain, “eaplayinvite.ea.com,” which was an inactive domain hosted on Microsoft’s Azure cloud service. They could send the malicious page to players, and since it was on an EA domain, victims would be more likely to trust the link, researchers said. The hijacked page had code embedded that would take access tokens intended for EA and direct them toward the researchers instead.
Account Takeover Vulnerability Found in the Popular EA Games' Origin Platform https://t.co/SLEhZJrnYw
Check out the video demonstration shared by CheckPoint researchers.
—by @unix_root pic.twitter.com/4rff0P2xC1
— The Hacker News (@TheHackersNews) June 26, 2019
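The inactive, cloud-hosted subdomain described above is the kind of record a periodic DNS audit can catch before someone else claims it. The following Python sketch is an added example, not code from the researchers or from EA: it assumes the zone is available as a plain-text export, that orphaned names are CNAMEs into Azure-hosted suffixes (the suffix list is illustrative and incomplete), and it uses the placeholder zone example.com with constructed records.

```python
import socket

# Illustrative, non-exhaustive Azure-hosted suffixes (assumption for this example).
CLOUD_SUFFIXES = (".azurewebsites.net", ".cloudapp.azure.com",
                  ".cloudapp.net", ".trafficmanager.net")

def system_resolves(name):
    """Return True if the name currently resolves via the system resolver."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False

def parse_cnames(zone_text):
    """Yield (owner, target) for each 'owner [TTL] [IN] CNAME target' line."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments
        if len(fields) >= 3 and "CNAME" in (f.upper() for f in fields[1:-1]):
            yield fields[0].rstrip(".").lower(), fields[-1].rstrip(".").lower()

def find_dangling(zone_text, resolves=system_resolves):
    """Return CNAMEs that point at a cloud suffix whose target no longer resolves."""
    findings = []
    for owner, target in parse_cnames(zone_text):
        if target.endswith(CLOUD_SUFFIXES) and not resolves(target):
            findings.append((owner, target))
    return findings

# Constructed sample zone export; every name below is a placeholder.
SAMPLE_ZONE = """\
; constructed sample for example.com
www.example.com.     3600 IN CNAME shop-prod.azurewebsites.net.
invite.example.com.  3600 IN CNAME old-campaign.azurewebsites.net. ; campaign ended
mail.example.com.    3600 IN CNAME mail.example.net.
api.example.com.     300  IN A     192.0.2.10
"""

if __name__ == "__main__":
    # Offline demo: pretend only this cloud resource still exists.
    live = {"shop-prod.azurewebsites.net"}
    for owner, target in find_dangling(SAMPLE_ZONE, resolves=lambda n: n in live):
        print(f"dangling: {owner} -> {target} (remove the record or reclaim the resource)")
```

Run against a real export, the default resolver performs live lookups. A non-resolving target is a first-pass signal, so findings still need manual review before records are removed.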
Expert Comments:
Jonathan Bensen, CISO at Balbix:
AI has rapidly gained interest as a valuable approach that can help security teams to monitor the swathes of data being generated from all devices, apps and users present in a network for potential vulnerabilities or cyber-risks. The top AI-based security tools can automatically discover and monitor all IT assets across a broad range of attack vectors, prioritize remediations based on business risk and even implement automatic remediation workflows by integrating into enterprise ticketing and security orchestration systems.
Ben Herzberg, Director, Threat Research at Imperva:
This is especially true in the gaming industry, which is known to be in focus of many attackers. As an example, attackers are targeting web applications in order to run scams around games like Fortnite, and we at Imperva see gaming targets as one of the top 5 most attacked industry verticals.
Casey Ellis, CTO and Founder at Bugcrowd:
Gaming companies, like EA, have a tendency to grow rapidly once their games get traction in the market, and speed to market is the natural enemy of security. Security efforts just can’t keep up or often aren’t even considered in the software development lifecycle.
This is an interesting vulnerability chain, taking advantage of issues that we see frequently in the Bugcrowd program: authentication implementation problems, specifically around SAML, and squatted/orphaned domains. This news just goes to show that engaging with the whitehat hacker community to perform attack surface discovery, and maintain that feedback loop on an ongoing basis, is the only way to identify these types of issues as they are inevitably introduced into the wild.
Anurag Kahol, CTO at Bitglass:
Samantha Humphries, Senior Product Marketing Manager at Exabeam:
The opinions expressed in this article belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.