Jump to content

PCGamingWiki will use a Single Sign On (SSO) system to bridge wiki and forum accounts which is ready for testing. You may login using the 'Login with PCGamingWiki' button on both the wiki and the forum, which will soon be the only option. If you have any issues please message Andytizer on Discord.

AnotherGills

EA's Origin client vulnerability left millions of accounts at risk

Recommended Posts

APEXsad.png.7da45e0e64f85f6cdfdfa74ffdf4f9da.png

Check Point Research and CyberInt, two groups known for cyber threat intelligence and analysis, recently collaborated in an investigation on Origin, the PC gaming client owned by Electronic Arts. They found “a chain of vulnerabilities that, once exploited, could have led to the takeover of millions of player accounts”. The duo estimate that over 300 million accounts are at risk.

These vulnerabilities “took advantage of EA Games’ use of authentication tokens in conjunction with the oAuth Single Sign-On (SSO) and TRUST mechanism that is built into EA Game’s user login process”.

Check Point Research also produced a video and published it on Youtube, breaking down the specifics of the process.

Their full report can be read here, providing a much more in-depth explanation of their findings.

EA has currently provided no public comment on the matter.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Who's Online   1 Member, 0 Anonymous, 106 Guests (See full list)

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Forum Statistics

    1,218
    Total Topics
    6,793
    Total Posts
×