Hackers Steal Wealth of Data from Game Giant EA

By   ISBuzz Team
Writer , Information Security Buzz | Jun 11, 2021 02:44 am PST

Hackers have broken into gaming giant Electronic Arts, the publisher of Battlefield, FIFA, and The Sims, and stole a wealth of game source code and related internal tools. “You have full capability of exploiting on all EA services,” the hackers claimed in various posts on underground hacking forums. A source with access to the forums, some of which are locked from public view, provided Motherboard with screenshots of the messages. In those forum posts the hackers said they have taken the source code for FIFA 21, as well as code for its matchmaking server. The hackers also said they have obtained source code and tools for the Frostbite engine, which powers a number of EA games including Battlefield. Other stolen information includes proprietary EA frameworks and software development kits (SDKs), bundles of code that can make game development more streamlined. In all, the hackers say they have 780GB of data and are advertising it for sale in various underground hacking forum posts viewed by Motherboard. 

Notify of
11 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Ran Pugach
Ran Pugach , Chief Product and Development Officer
InfoSec Expert
June 14, 2021 11:29 am

<p>EA has revealed that some of its source code has been stolen in a hack. While thankfully no user data has been compromised, this hack still shows how important it is to secure all online interactions. To help protect the valuable data these online gaming companies hold, they need to first and foremost have visibility of their data’s movements.</p> <p><br /><br />As cliche as it sounds, a chain is only as strong as its weakest link, and as the vast majority of hacks are due to human error, so employee awareness and education is crucial. Businesses need to make sure that everyone – regardless of level or job role – understands the importance of cyber security. By having this level of visibility across the business, an employee can notify the security teams of any unusual behaviour happening on the system. A strong cyber security policy is one that combines smart technology with employee buy-in and education.</p>

Last edited 2 years ago by Ran Pugach
David Sygula
David Sygula , Senior Cybersecurity Analyst
InfoSec Expert
June 14, 2021 11:26 am

<p>This incident is further proof that addressing data breaches that occur outside the corporate firewall is vital. Businesses must understand what sensitive data is beyond the security perimeter.<u></u><u></u></p> <p> </p> <p>As always, organisations must reduce their digital risk by constantly scanning for leaked documents outside their networks, such as Dark Web forums in the case, to uncover confidential and sensitive data quickly, before it is exploited.</p>

Last edited 2 years ago by David Sygula
Jake Moore
Jake Moore , Global Cyber Security Advisor
InfoSec Expert
June 14, 2021 11:22 am

<p>This is not the usual attack as it is likely not financially motivated. Attacks on games publishers are usually for other reasons such as cheat making or underground community kudos. Gaming source code makes a popular target for cheat makers and their communities, so protection must be water tight. There will be an inevitable indirect financial hit as EA recovers from a frustrating strike, but luckily this is not related to ransomware like many other current targeted cyberattacks delivering a two-pronged attack.</p>

Last edited 2 years ago by Jake Moore
Tom Van de Wiele
Tom Van de Wiele , Principal Consultant
InfoSec Expert
June 14, 2021 11:16 am

<p style=\"font-weight: 400;\">The EA source code and tools have a surprisingly high value to any company that operates in the shadows and want to get a leg up in competing with the bigger game development companies. Being able to steal an algorithm, approach, or game assets themselves and integrate them fast means not having to develop them on your own and means money and effort is saved that can be directed somewhere else. Especially when those games are released to a limited target group or platform where it is almost impossible to prove any wrongdoing or theft of intellectual property.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">The latter is a side effect of the current geopolitical situation but also the fact that in the last 20 years, most modern computer games have a form of Digital Rights Management (DRM). This DRM is enforced by game developers using cryptography to ensure those game cheaters cannot easily see what is going on in the game’s internal logic and reverse engineer the code to create and sell cheat functionality for profit. Because of this, it will be difficult in the future to prove that a competing company has or hasn\’t stolen either the design principles or implementation of any part of the leaked code if obfuscated well enough.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">Game companies in general, and especially EA which is a video game powerhouse with decades of game development history, must deal with a lot of technology stacks, third parties, and infrastructure that all must work in tandem. The more moving parts and possible interactions, the more susceptible a company is to abuse or misuse that could lead to compromise. Not only do gaming companies have to be able to enforce security on their infrastructure and products in a way that does not impede the creative workforce they so critically depend on, but they also must restrict the functionality that comes with the game so that it cannot be used against others as a platform of attack.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">There have been plenty of examples of this in the recent past where not only other end-users have been targeted through games that allow modified user content to take over someone\’s computer and network, but we also see examples where this was used to breach Game Developers themselves. Game developers want to see what the community around a game is doing by opening some of the gamer community-made creations, this is where backdoors are added to the functionality leading to compromise of the company.</p>

Last edited 2 years ago by Tom Van de Wiele
David Emm
David Emm , Principal Security Researcher
InfoSec Expert
June 14, 2021 11:14 am

<p>The gaming industry is hugely lucrative, and with the <a href=\"https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:www.theguardian.comgames2021mar19lockdown-boredom-drives-uk-video-games-market-to-7bn-record-high/1/01020179fabba4ea-ececbf20-2b03-415e-b66f-79445e937aec-000000/7n-hbvIR2JzLMVwwWAkNOqV5g1g=218\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:2F2Fwww.theguardian.com2Fgames2F20212Fmar2F192Flockdown-boredom-drives-uk-video-games-market-to-7bn-record-high/1/01020179fabba4ea-ececbf20-2b03-415e-b66f-79445e937aec-000000/7n-hbvIR2JzLMVwwWAkNOqV5g1g218&source=gmail&ust=1623755308381000&usg=AFQjCNGH99aW0p8B0DsQ-ExPWpGI25HReg\">UK video games market hitting a record £7bn last year</a> as lockdown fuelled an unprecedented boom in the popularity of online gaming. However, it’s also becoming an increasingly attractive target for cybercriminals. With gaming being a huge, and growing industry, source code to popular games is a valuable asset to cybercriminals. This news is an alarming reminder that intellectual property and other valuable data can be accessed if not protected effectively.</p> <p> </p> <p>Gaming companies should secure their systems and ensure that they update operating systems and applications in a timely manner. In addition, it also requires that they anticipate attacks by identifying weak spots, use threat intelligence to track the TTPs (tactics, techniques and procedures) of potential attackers and proactively monitor their systems for signs of intrusion.</p>

Last edited 2 years ago by David Emm

Recent Posts

Would love your thoughts, please comment.x