One of EA Games’ servers has been infiltrated by hackers who are using it to run an Apple ID phishing website. The information was revealed by the folks at Netcraft, which points out the server in question was commonly used to run an outdated version of WebCalendar known to have several security vulnerabilities.
One of the known vulnerabilities of WebCalendar 1.2.0, for example, is the ability for someone without authentication to change settings and execute arbitrary code, among other things. Though not confirmed, it is suggested these vulnerabilities contributed to the server being compromised.
The phishing scheme provides a website — stored in the same server directory as the WebCalendar app, Netcraft notes — that looks like Apple’s website, which prompts the visitor to enter their Apple ID and password. After entering that information, the individual is then asked to enter more personal information (as a “confirmation”), among which are things like credit card info, mother’s maiden name, and such.
At the end of it all, the user is then redirected to Apple’s website, leaving the victims unaware that they’ve given their information away. The compromise doesn’t end there, however. EA Games is also being used in a phishing attack aimed at Origin credentials. That particular phishing site, Netcraft reports, has been online more than a week.
EA has been informed of the issue.