Daily news, dev blogs, and stories from Game Developer straight to your inbox
April 16, 2019
1 Min Read
Until just recently, Electronic Arts’ digital game platform Origin had a security vulnerability that could be used to run malicious apps on an Origin user's computer.
Researchers speaking to TechCrunch offered a look at the exploit in action, explaining that the flaw itself allowed would-be attackers to use Origin as a channel to trick users into running any app of the attacker’s choosing.
It was an issue exclusive to the Windows version of the client, and one that the researchers from Underdog Security say took advantage of how Origin uses “origin://“ links to start games by clicking on a link in a webpage.
Combined with other recourses like PowerShell commands, the exploit could theoretically have been used to download and install malicious programs onto the computers of unsuspecting Origin users that clicked a hijacked link. The bug, which EA confirmed has been fixed as of this Monday, also potentially opened the door for hackers to steal account access tokens using a single line of code.
You May Also Like
Accessibility and fancy footwork with GLYDR's John Warren - Game Developer Podcast ep. 40Feb 28, 2024
Exploring the 2024 State of the Game Industry report - Game Developer Podcast ep. 39Feb 2, 2024
Phantom inspiration and the ethical auteur with Xalavier Nelson Jr.Dec 8, 2023
Designing Killer Queen: from playground experiment to modern arcade sensationOct 18, 2023
Get daily news, dev blogs, and stories from Game Developer straight to your inbox
Subscribe to Game Developer Newsletters to stay caught up with the latest news, design insights, marketing tips, and more