Featured Articles

HP Stream is a Chromebook killer priced at $200

HP Stream is a Chromebook killer priced at $200

We have been hearing reports of a new breed of affordable Windows notebooks for months. It is alleged that a number…

More...
AMD Radeon R7 SSD line-up goes official

AMD Radeon R7 SSD line-up goes official

AMD has officially launched its first ever SSDs and all three are part of AMD’s AMD Radeon R7 SSD series.

More...
KitKat has more than a fifth of Android users

KitKat has more than a fifth of Android users

Android 4.4 is now running on more than a fifth of Android devices, according to Google’s latest figures.

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 20 March 2013 10:34

EA gets more bad news

Written by Nick Farrell



Origin vulnerable to hacking

EA Games has just received even more bad news as researchers discover a big hole in its Origin game store. The company, which stuffed up a flagship launch of SimCity, and lost its CEO, has just been told that 10 million people who use its Origin game store are at risk from a hack attack that swaps games for malicious code.

A loophole in the way Origin handles links to games users have downloaded and installed to make it run code that compromised a target machine. So far it does not appear that the loophole has yet been used by malicious hackers. EA said that it is investigating the vulnerability. Origin acts as a distribution system, where customers can buy, download and manage EA video games as well as chat with friends about them.

Donato Ferrante and Luigi Auriemma, from security company ReVuln, found a weakness in the way games were started via Origin. Apparently Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play.

But if you mess around with this you can make it point to malicious code instead of a game.

"An attacker can craft a malicious internet link to execute code remotely on victim's system, which has Origin installed," wrote the researchers in a paper detailing their work.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments