EA Origin vulnerability could have risked 300 million users

Eric Abent - Jun 26, 2019, 12:10 pm CDT
0
EA Origin vulnerability could have risked 300 million users

Security breaches and vulnerabilities in gaming services are nothing new, and today, researchers with Check Point Research and CyberInt are detailing the discovery of a particularly nasty one in EA’s Origin service. Origin, of course, is EA’s digital distribution platform similar to Steam, and since it’s the only way to get newly-released EA games on PC, it’s built up a userbase of millions of people over the years.

Check Point Research and CyberInt claim in a report today that this vulnerability could have potentially affected as many as 300 million Origin users around the world. The flaw would have allowed hackers to hijack Origin accounts without having to steal login credentials first. Instead, hackers could have obtained access to these accounts by stealing authentication tokens using abandoned subdomains and taking advantage of OAuth Single Sign-On and the TRUST mechanisms built into’s EA login systems.

Earlier this year, Check Point reported on a similar flaw it discovered in Fortnite. Essentially, this hack took advantage of those abandoned subdomains in EA’s Microsoft Azure account to create phishing links that seemed legitimate because of the EA.com URL. Once victims clicked that phishing link, Check Point and CyberInt were able to steal their authentication tokens and hijack their accounts, all without needing a login email or password.

That’s the very condensed version at least, with more information available in the an in-depth technical analysis on Check Point Research’s blog. The video you see embedded above also shows the process of stealing an authentication token and using it to hijack the accounts of unwitting users who think that they’ve just claimed a 7-trial of EA Origin Access Basic. The video certainly makes it seem like a very straightforward and easy process, which isn’t very comforting.

The good news is that Check Point and CyberInt alerted Electronic Arts to the vulnerability before any actual malicious actors were able to take advantage of it and EA was able to close it using the information provided by the two companies. It really seems like EA and Origin users dodged a pretty big bullet here, because a vulnerability like this definitely had the potential to put a lot of people at risk. For more on the vulnerability and how Check Point and CyberInt discovered it, be sure to check out the technical analysis linked above.


Must Read Bits & Bytes