A server belonging to games giant EA has been hacked and was used to host a phishing attack to collect Apple IDs. The issue was spotted by Paul Mutton, who works for security firm Netcraft. He posted a blog entry about it explaining how the hack worked.
When users logged in to ea.com they were presented with a request for their Apple IDs. This may sound odd, but many websites now use other forms of identification in order to log you in. It's not uncommon to use your Twitter or Facebook logins to get into other sites, for example.
If users entered their user IDs and passwords they were then asked to further confirm their identity by entering their credit card and billing address details. None of these pages were, of course, hosted on EA's servers; all the hackers did was exploit a vulnerability in the calendar functionality on the site. Unfortunately EA was running a version dating back to 2008 that had known security issues.
As Paul Mutton said in his blog, 'The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities or trying to probe deeper into the internal network.'
It is this failure to keep systems and software up to date that can put companies and end users alike at risk. Patches, fixes and updates should be applied to all software as soon as possible. This sort of error also highlights the coming issue of Microsoft ending support for Windows XP.
The vulnerability that was exploited here was well known, and this method is a common one used by hackers. When security vulnerabilities are found, it is relatively easy to find users of that software who haven't updated it and are therefore still at risk.
A spokesperson for EA said, 'Privacy and security are of the utmost importance to us. We found it, we have isolated it, and we are making sure such attempts are no longer possible.'