Hackers Can Misuse Microsoft Azure’s Unpatched Flaw To Take Over EA Origin’s User Accounts

Harshajit Sarmah

From the Computer Space arcade game in the 70s to 2019, the gaming industry has evolved tremendously. The industry generated about $135 billion in 2018 and is expected to make $180.1 billion profit in 2021, making it more lucrative than ever before. With such massive growth and everything going digital, the industry is also becoming a high-value target for hackers.

EA Origin Vulnerability

Looking at the present scenario, American video game company EA Games seems to be one of the high-value targets (HVTs). As it is the second-largest gaming company in the Americas and Europe by revenue as well as market capitalization, after Activision Blizzard, hackers have started to keep an active eye on the company and its user base.

Recently, Check Point Research, the threat intelligence arm of Check Point Software Technologies, and CyberInt, a cybersecurity provider of managed threat detection and mitigation services, discovered a chain of severe vulnerabilities in EA Origin. The vulnerabilities were so severe that they exposed the data of more than 300 million players. Further, once exploited, they would allow hackers to completely take over an Origin account.

Origin is a digital distribution platform developed by Electronic Arts (EA) that allows gamers to purchase and play games. Gamers can download the Origin software client and install it on their PCs or mobile devices. Origin can also be linked to a user's EA Games account, which allows them to connect with other gamers and friends, join games, etc. The discovery of these vulnerabilities is therefore a shock to the community.


The Bigger Picture Of The Origin Vulnerability

When the experts performed the attack, they were able to take over one of the EA subdomains, eaplayinvite.ea[.]com, which had previously been registered with Azure to host one of Origin's services. In doing so, the experts took advantage of an unpatched vulnerability in Microsoft's Azure cloud service.

To be precise, hackers could exploit the trust mechanism that exists between domains and their subdomains and manipulate the OAuth protocol. In case you don't know what the OAuth protocol is, it is an open standard for access delegation. It is mostly used as a way for Internet users to grant websites or applications access to their information on other websites without providing their passwords. In a worst-case scenario, once an account was completely taken over, attackers could have used the user's credit card information to make purchases on behalf of the user.

However, CyberInt and Check Point, the cybersecurity firms that carried out the research into the vulnerabilities, informed the company so that it could fix the issues.
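The takeover described above depends on a subdomain that still points at a cloud resource nobody owns any more. As an added example (not code from Check Point, CyberInt or EA), this Python check audits a zone export for such dangling records; it assumes the subdomain was mapped with a CNAME, and `example.com`, the record names and the offline resolver are constructed for illustration.

```python
import socket

# Azure-hosted name suffixes; extend the tuple for other providers.
CLOUD_SUFFIXES = (".azurewebsites.net", ".cloudapp.net", ".trafficmanager.net")

def system_resolves(hostname):
    """Default check against live DNS: True if the name currently resolves."""
    try:
        socket.getaddrinfo(hostname, None)
        return True
    except socket.gaierror:
        return False

def find_dangling(records, resolves=system_resolves):
    """Return (subdomain, target) pairs whose CNAME target is cloud-hosted
    and no longer resolves: the resource was deleted, the DNS record was not."""
    findings = []
    for name, rtype, target in records:
        if rtype.upper() != "CNAME":
            continue
        target = target.rstrip(".").lower()
        if target.endswith(CLOUD_SUFFIXES) and not resolves(target):
            findings.append((name.rstrip(".").lower(), target))
    return findings

# Constructed zone export for a hypothetical domain, example.com.
SAMPLE_ZONE = [
    ("www.example.com.", "CNAME", "example-web.azurewebsites.net."),
    ("invite.example.com.", "CNAME", "example-invite-old.azurewebsites.net."),
    ("mail.example.com.", "A", "192.0.2.10"),
    ("cdn.example.com.", "CNAME", "edge.example.net."),
]

# Constructed stand-in for live DNS so the example runs offline:
# only this target still exists at the provider.
LIVE_TARGETS = {"example-web.azurewebsites.net"}

def offline_resolves(hostname):
    return hostname in LIVE_TARGETS

if __name__ == "__main__":
    for sub, target in find_dangling(SAMPLE_ZONE, offline_resolves):
        print(f"DANGLING: {sub} -> {target} (remove the record or reclaim the resource)")
```

A name that fails to resolve is only one signal; a full audit would also confirm that every cloud resource a record points to is still owned by the organisation.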

Instances Of Hackers Targeting The Gaming Industry

Between 2013 and 2014, multiple online gaming companies such as Sony, Riot Games, Microsoft, Nintendo, Valve, and Electronic Arts witnessed a series of denial-of-service (DoS) attacks. Surprisingly, the culprit behind the attacks was a 23-year-old from Utah, Austin Thompson, a.k.a. “DerpTroll,” who is also believed to be the operator of the DerpTrolling hacking group.

Last year, on December 28, Town of Salem, a browser-based game that lets players convincingly lie as well as detect when other players are lying, was hacked. Hackers released a copy of the compromised game's database on DeHashed, a hacked database search engine. In January 2019, a report shocked the entire community by revealing how massive the data breach was: out of more than 8 million players, it impacted over 7.6 million. The exposed data includes email addresses, usernames, hashed passwords, game and forum activity, and also the payment information of some players, along with full names, billing and shipping addresses, IP information and payment amounts.

This is not the only instance; hackers are also targeting some vintage games. Even though it has been 19 years, the Counter-Strike craze is still alive among gamers, and the number of users is still significant. Recently, in March, according to a source, security firm Dr Web released a report stating that 39% of all existing Counter-Strike 1.6 game servers online are malicious and that an attacker is exploiting zero-day flaws in game clients.

The scenario here is that hackers have set up several servers. The owners of these malicious, fake servers made a significant amount of money by selling game-specific privileges such as access to weapons and protection against bans. However, the prime motive behind them is to pwn gamers' PCs and laptops by exploiting zero-day vulnerabilities in the game client.

Wrapping Up

As industries continue to grow, the risk of being targeted by hackers also increases. Over the years, we have witnessed a massive number of hacking events in which companies have lost millions of dollars. As for these recent vulnerabilities in Origin and MS Azure, even though experts have managed to save the day, they show negligence and denial. Cybersecurity is more important than ever in this era; an organisation must secure each and every end. After all, it is about the data (of both the users and the company).


Copyright Analytics India Magazine Pvt Ltd