EA hack is very simple

  • by
  • 3 min read

EA Games’ enormous sport theft, which noticed FIFA 21 According to the hacker in cost, the stolen and different key video games trusted a $10 cookie and a few disturbing simple social engineering. Electronic Arts confirmed that it was a sufferer of cybercrime earlier this week and possessed roughly 780GB of data- Including game code, etc. -Pull from its server.

Losing the supply code of one in all its most watched video games is dangerous sufficient, however the hacker additionally stole a replica of the EA matching code for FIFA 21, And Frostbite’s supply code and instruments, in addition to varied frameworks and SDKs. However, EA said that it doesn’t consider that buyer knowledge is affected.

“Without player data being accessed, we have no reason to believe that there is any risk to player privacy,” EA stated in an announcement. “After the incident, we have made security improvements, and it is not expected to have an impact on our games or business.”

However, the precise mechanism of how hackers handle to entry the info has been revealed and is very simple.In the interview motherboardA consultant stated that the entire thing is determined by acquiring a stolen cookie bought on-line. This price all 10 {dollars}.

Cookies are one of the frequent comfort capabilities of the Internet and net providers, and are answerable for saving login knowledge and classes. Using them, you possibly can keep away from having to enter authentication credentials each time you go to the identical net web page, for instance, they will also be used to document entry logs. However, few folks notice that there is additionally a marketplace for stolen cookies on-line, bought for malicious functions.

In this case, hackers can entry the corporate’s Slack sport by way of EA cookies. This is an inner messaging platform utilized by EA for collaboration amongst its varied groups. It is necessary to speak with IT help and different departments.

“In the chat, we sent a message to the IT support members, and we explained to them that we lost our phone at the party last night,” the hacker’s consultant defined. This led the help workforce to concern two authentication tokens by way of which the EA firm community may be accessed. In addition, there is additionally the issue of accessing varied supply code servers and copying what they discover.

EA confirmed the working mechanism of hacking and said that it is cooperating with regulation enforcement businesses after exploiting the vulnerability.

This reminds us that though two-factor authentication and different superior safety could pose a significant impediment to hackers, people are normally nonetheless essentially the most simply exploitable components in the whole system. EA is actually not the one firm to find this in an embarrassing public manner. Many high-profile hacks are resulting from perpetrators making an attempt to persuade workers that their calls for are innocent or true.