Major vulnerabilities in Origin have been resolved by EA

27 Jun 2019

Image: © ekkaphan/Stock.adobe.com

EA’s senior director of game and platform security, Adrian Stone, has said that protecting players is priority.

Researchers from CyberInt and Check Point have detected vulnerabilities in Origin, a gaming client run by Electronic Arts (EA).

Soon after the vulnerabilities were discovered, they were disclosed to EA in accordance with coordinated vulnerability disclosure practices, in order to solve the issues and roll out an update before the weaknesses could be exploited.

If the chain of vulnerabilities that CyberInt and Check Point caught had been exploited, up to 300m EA gamers could have potentially been at risk of account takeover and identity theft.

According to a detailed technical analysis of the discovery published by Check Point, “the vulnerabilities did not require users to hand over any login details whatsoever. Instead, they took advantage of abandoned EA subdomains and EA Games’ use of authentication tokens in conjunction with the OAuth Single Sign-On (SSO) and Trust mechanism built into EA’s user login process.”

When Check Point figured out the various vulnerabilities, it spent some time looking at the ways in which they could be abused. Eventually, it discovered that its research team was able to manipulate the OAuth protocol implementation “for full account takeover exploitation”. Check Point demonstrated how this was possible in a video featured in the analysis report.

Check Point’s head of products vulnerability research, Oded Vanunu, said: “EA’s Origin platform is hugely popular, and if left unpatched these flaws would have enabled hackers to hijack and exploit millions of users’ accounts. Along with the vulnerabilities we recently found in the platforms used by Epic Games for Fortnite, this shows how susceptible online and cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of huge amounts of sensitive customer data they hold.”

Itay Yanovski, co-founder of CyberInt, added: “Gaming goods are traded in official and unofficial marketplaces in the darknet, which makes attacks against gaming studios very lucrative. We believe the cybersecurity industry has the responsibility to protect people, so we make sure to alert the industry with threat-centric security research … to ensure that the most effective detection and mitigation measures are taken.”

In response to this news, Adrian Stone, senior director of game and platform security at EA, released a statement in which he said: “Protecting our players is our priority. As a result of the report from CyberInt and Check Point, we engaged our product security response process to remediate the reported issues. Working together under the tenet of coordinated vulnerability disclosure strengthens our relationships with the wider cybersecurity community and is a key part of ensuring our players stay secure.”

EA Games is currently the world’s second largest gaming company, with revenues of around $5bn and a catalogue of popular titles including The Sims, FIFA, NBA Live and Madden NFL.

Kelly Earley was a journalist with Silicon Republic

editorial@siliconrepublic.com