More than 10 million people thought to have accounts with Electronic Arts's (EA) Origin game store are at risk from a hack attack that swaps games for malicious code, researchers say.
In lab experiments, the researchers exploited a loophole in the way Origin handles links to games users have downloaded and installed to make it run code that compromised a target machine.
There is no evidence the loophole has yet been used by malicious hackers.
EA is investigating the vulnerability.
Launched in 2011, Origin acts as a distribution system, where customers can buy, download and manage EA video games as well as chat with friends about them.
But Donato Ferrante and Luigi Auriemma, from security company ReVuln, found a weakness in the way games were started via Origin.
Like many other programs, Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play.
The two researchers found a way to subvert this syntax to make it point to malicious code instead of a game.
"An attacker can craft a malicious internet link to execute malicious code remotely on victim's system, which has Origin installed," wrote the researchers in a paper detailing their work.
Attackers needed to know some identifying information about players to make good use of the vulnerability, wrote the pair.
However, they said, it was easy for attackers to get around this hurdle because Origin did not prevent repeated attempts to guess identifying information.
A demonstration of the attack was given at the Black Hat Europe conference, in which a Windows PC running Crysis 3 and Origin was taken over by the pair's attack code.
In a statement given to the Ars Technica website, EA said it was investigating hypothetical attacks such as the one found by Mr Ferrante and Mr Auriemma as part of the work it did to improve security on Origin.
Mr Ferrante and Mr Auriemma said players could protect themselves against potential attack by stopping Origin launching games via desktop shortcuts.
But this would mean games would have to be started directly from Origin.
bbb.co.uk
No comments:
Post a Comment