An account hijacking vulnerability has been found in the platform that delivers the popular battle royal 'Apex Legends'
Apex Legends ', which is free for basic play, is exclusively distributed on the game distribution platform ' Origin ' operated by the leading game developer Electric Arts (EA). It is reported that there is a vulnerability in which such third party could steal an account and steal confidential data. In addition, it seems that it has already been corrected at the time of article creation.
The PC version of the popular battle royal game '
Account Takeover Vulnerability Found in Popular EA Games Origin Platform
The vulnerabilities discovered this time are summarized in the following movie
EA Games Vulnerability Leads to Account Breach & Identity Theft-YouTube
First, an attacker sends a malicious URL to a victim logged in to an Origin account.
When the victim clicks on the sent URL, it shifts to the login screen to Origin.
Here, an attacker can steal an Origin login session token. This seems to be an attack that exploits the security hole that Origin using Microsoft Azure has made when linking to a subdomain of EA. By exploiting this security hole, attackers can set up unique and malicious services in their own Azure instances in hijacked subdomains.
By logging in using the token that the victim got illegally ......
The attacker bypasses the authentication process and accesses the victim's Origin account ...
Play Apex Legends ...
You can also purchase in-game content using the victim's credit card.
Although this series of phishing attacks requires a fairly complex process, the risk of being taken over by nearly 300 million users who own EA accounts is always threatened. Researchers immediately report this vulnerability to EA and collaborate on corrections. It seems that about three months have passed since EA addressed the issue and released the information.