EA Origin: Security Failure Has Invaded Windows PCs Remotely


Security researchers have identified a vulnerability in EA's Origin application for Windows PCs. It allows hackers to start any program remotely on the player's PC. With the administrator privilege, hackers can run PowerShell commands to install malware or ransomware. A patch deployed by EA fixes the failure.

EA Origin

source, the platform by Electronic Arts for PC gaming allows millions of gamers to access titles such as Apex Legend or Anthem on their computers. one security vulnerability was discovered in the Windows application by two researchers from Underdog Security. The vulnerability allowed hackers to run malicious code on PCs.

EA: The Origin platform suffers a major security breach

To make it easier to access the EA game catalog, the Origin application has a special URL system that allows players to download titles from a web page by clicking on a link in the format source: //, as the TechCruch website explains. But, according to researchers, hackers can exploit this system through a specific method to run any application on the victim's computer.

To support your claims, security experts provide proof of concept to TechCruch. A simple code implanted through a malicious URL allows you to run applications with the same level of privilege as the intended user. By successfully opening the Windows Calculator application for this test, researchers have proven that they can take control of PCs and run programs at will.

worse, thanks to administrator right, you can send PowerShell commands and by doing so, download any kind of malware such as malware or ransomware. It should be said that this clever process works in the same way as a fishing attack. The victim must first click on a malicious link deployed by traditional means such as an email or a web page.

Finally, clarification that The source macOS client is not affected by the vulnerability. This was corrected by EA in one of its last corrections. The source users on Windows should therefore be up to date.


Source link