![]() You will find general information about cookies and details on how to delete cookies from your device. Alternatively, you can visit which contains comprehensive information on how to do this on a wide variety of browsers and devices. To Reset Your Password, You will need to fill your OriginWebAppAccount Email or OriginWebAppID to set up your EA Account. If you want to restrict or block the cookies that are set by our website, you can do so through your browser setting. If you forget your OriginWebAppPassword, please visit the EA website ( EA Login Page) and Click Forget Your Password. For example, we will recognize your username and remember how you customized the site during future visits. Functionality cookiesįunctionality cookies let us operate the site in accordance with the choices you make. For example, these cookies let us recognize that you have created an account and have logged into that account. Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our website and using its features. What types of cookies do we use? Necessary cookies It will contain some anonymous information such as a unique identifier, website’s domain name, and some digits and numbers. Each cookie is unique to your web browser. What are cookies?Ĭookies are simple text files that are stored on your computer or mobile device by a website’s server. By visiting you agree that may use cookies to be processed by Google Analytics and Yandex.Metrika. "As a result of the report from CyberInt and Check Point, we engaged our product security response process to remediate the reported issues."ĮA didn't respond to a request for additional comment.Please read this cookie policy carefully before using operated by us. "Protecting our players is our priority," Adrian Stone, EA's director of game and platform security, said in a statement provided by the security researchers. 19, and the company said it fixed the issue within three weeks. ![]() CyberInt and Check Point said they reached out to EA to fix the flaw on Feb. The researchers could then use that to log into the victims' accounts. "We had the vulnerabilities under control so no other party could have exploited them during the period it took EA to fix," Alexander Peleg, CyberInt's head of cyber operations, said in an email. The hijacked page had code embedded that would take access tokens intended for EA and direct it toward the researchers instead. They could send the malicious page to players, and since it was an EA domain, victims would be more likely to trust the link, researchers said. CyberInt and Check Point's researchers successfully requested to take over the inactive domain from Microsoft Azure and turned the page into a phishing trap. The security researchers were able to take control of an EA subdomain, under the URL "eaplayinvite.ea.com," which was an inactive domain hosted on Microsoft's Azure cloud service. As people become more aware of entering their passwords on suspicious websites, hackers have turned to stealing access tokens instead, which can be done in the background without any user participation. They're harder to steal than passwords but still possible, as a similar vulnerability with Fortnite and Facebook demonstrated. Access tokens are an authentication method similar to passwords, as codes generated by services to keep you logged in. That's because it would steal a Single Sign-On authorization token instead, which could give complete control for hackers. The security flaw would have allowed hackers to hijack people's accounts without stealing their login or passwords. "EA's Origin platform is hugely popular, and if left unpatched, these flaws would have enabled hackers to hijack and exploit millions of users' accounts," Oded Vanunu, head of products vulnerability research for Check Point, said in a statement Wednesday. ![]() The flaw exposed more than 300 million players on popular online games such as Battlefield, Madden NFL, NBA Live and FIFA, according to security researchers from Check Point and CyberInt. Security researchers found a vulnerability that could have easily allowed for account takeovers.ĮA had to step up its game after researchers found an EA Origin vulnerability that could have exposed millions of people to account takeovers. EA Origin hosts games like NBA Live and Battlefield.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |