Jump to content

PCGamingWiki will soon migrate to a Single Sign On (SSO) system to bridge Wiki and Forum accounts, please read our FAQ.

AnotherGills

EA's Origin client vulnerability left millions of accounts at risk

Recommended Posts

APEXsad.png.7da45e0e64f85f6cdfdfa74ffdf4f9da.png

Check Point Research and CyberInt, two groups known for cyber threat intelligence and analysis, recently collaborated in an investigation on Origin, the PC gaming client owned by Electronic Arts. They found “a chain of vulnerabilities that, once exploited, could have led to the takeover of millions of player accounts”. The duo estimate that over 300 million accounts are at risk.

These vulnerabilities “took advantage of EA Games’ use of authentication tokens in conjunction with the oAuth Single Sign-On (SSO) and TRUST mechanism that is built into EA Game’s user login process”.

Check Point Research also produced a video and published it on Youtube, breaking down the specifics of the process.

Their full report can be read here, providing a much more in-depth explanation of their findings.

EA has currently provided no public comment on the matter.

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Found PCGamingWiki useful? Please consider making a Donation or visiting our Patreon.
  • Who's Online   0 Members, 0 Anonymous, 200 Guests (See full list)

    There are no registered users currently online

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Forum Statistics

    1,297
    Total Topics
    7,113
    Total Posts
×
×
  • Create New...