Jump to content

Welcome to the upgraded PCGamingWiki forums and files page. The current Wiki and Forum bridge is not functioning at the moment, therefore your Forum account currently has no password set. Please reset your Forum password via email check to generate a new password. If you have any issues please message Andytizer on Discord.

AnotherGills

EA's Origin client vulnerability left millions of accounts at risk

Recommended Posts

APEXsad.png.7da45e0e64f85f6cdfdfa74ffdf4f9da.png

Check Point Research and CyberInt, two groups known for cyber threat intelligence and analysis, recently collaborated in an investigation on Origin, the PC gaming client owned by Electronic Arts. They found “a chain of vulnerabilities that, once exploited, could have led to the takeover of millions of player accounts”. The duo estimate that over 300 million accounts are at risk.

These vulnerabilities “took advantage of EA Games’ use of authentication tokens in conjunction with the oAuth Single Sign-On (SSO) and TRUST mechanism that is built into EA Game’s user login process”.

Check Point Research also produced a video and published it on Youtube, breaking down the specifics of the process.

Their full report can be read here, providing a much more in-depth explanation of their findings.

EA has currently provided no public comment on the matter.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Who's Online   1 Member, 0 Anonymous, 64 Guests (See full list)

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Forum Statistics

    1,129
    Total Topics
    6,503
    Total Posts
×