Check Point Research & CyberInt Find Major Vulnerability in Electronic Arts’ Origin Gaming Client
June 2019 by Charlotte Cloud
Check Point Research and CyberInt have identified a chain of vulnerabilities in the Origin gaming client developed by Electronic Arts (EA). Once exploited, the vulnerabilities would have led to player account takeover and identity theft.
EA is the world’s second largest gaming company and boasts household gaming titles such as FIFA, Madden NFL, NBA Live, UFC, The Sims, Battlefield, Command and Conquer and Medal of Honor in its portfolio. The games leverage the Origin client gaming platform, which allows users to purchase and play EA’s games across PC and mobile. Origin contains social features such as profile management, networking with friends via chat, and direct game joining. It also includes community integration with sites such as Facebook, Xbox Live, PSN, and Nintendo Network.
CyberInt and Check Point researchers responsibly disclosed the vulnerabilities to EA in accordance with coordinated vulnerability disclosure practices to fix the vulnerabilities and roll out an update before threat actors could exploit EA. The vulnerability EA closed could have allowed a threat actor to hijack a player’s session, resulting in account compromise and takeover.
“Protecting our players is our priority,” said Adrian Stone, Senior Director, Game and Platform Security at Electronic Arts. “As a result of the report from CyberInt and Check Point, we engaged our product security response process to remediate the reported issues. Working together under the tenet of Coordinated Vulnerability Disclosure strengthens our relationships with the wider cybersecurity community and is a key part of ensuring our players stay secure.”
The vulnerabilities found in EA’s platform did not require the user to hand over any login details whatsoever. Instead, it took advantage of abandoned subdomains and EA Games’ use of authentication tokens in conjunction with the OAuth Single Sign-On (SSO) and TRUST mechanism built into EA Game’s user login process.
“EA’s Origin platform is hugely popular; and if left unpatched, these flaws would have enabled hackers to hijack and exploit millions of users’ accounts,” said Oded Vanunu, Head of Products Vulnerability Research for Check Point. “Along with the vulnerabilities we recently found in the platforms used by Epic Games for Fortnite, this shows how susceptible online and cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of huge amounts of sensitive customer data they hold.”
“CyberInt provides continuous, automated early detection, taking the attacker’s perspective to enable companies to protect their customers and business proactively,” said Itay Yanovski, Co-Founder and SVP Strategy for CyberInt Technologies. “Gaming goods are traded in official and unofficial marketplaces in the darknet, which makes attacks against gaming studios very lucrative. We believe the cybersecurity industry has the responsibility to protect people, so we make sure to alert the industry with threat-centric security research on newly detected adversary campaigns, such as the recent TA505 – to ensure that the most effective detection and mitigation measures are taken.”
Check Point and CyberInt strongly advise users to enable two-factor authentication and only use the official website when downloading or purchasing games. Parents should create awareness among their children around the threat of online fraud, that cyber criminals will do anything to gain access to personal and financial details, which may be held as part of a gamer’s online account. Check Point and CyberInt encourage gamers to always be vigilant when receiving links sent from unknown sources.