EA’s Origin gaming client had a severe vulnerability that could enable hackers to install ransomware on computers
News

EA’s Origin gaming client had a severe vulnerability that could enable hackers to install ransomware on computers

Digit NewsDesk   Apr 17, 2019

Origin, the digital game distribution platform by EA, has reportedly fixed a serious vulnerability in its software. As per TechCrunch, security researchers of Underdog Security, Daley Bee and Dominik Penner found a vulnerability in the Origin app, which could enable an attacker to remotely run malicious code on a victim’s computer. The bug affected the Origin app on Windows and an updated was rolled on Monday to fix it. Origin is a popular online game distribution platform that is used by people to access, download and install games on their systems. Origin’s macOS client was apparently unaffected by the bug. 

As per the report, the flaw originated in the URL scheme of the Origin app that makes it easier to access an individual game’s store from the web. The app uses an ‘origin://’ link in the address to load a game from a web page and the researchers found that using a malicious link, hackers could trick the app to run code remotely on the victim’s computer. This meant that “An attacker could’ve ran anything they wanted,” Bee told TechCrunch. An attacker could also send harmful PowerShell commands, which could enable them to potentially download and install ransomware and other malicious files. 

The malicious link could be sent to a victim over an email or listed on a website. However, it could also be executed if the “malicious code was combined with cross-site scripting exploit that ran automatically in the browser.” The flaw also made it possible to use a single line of code for stealing a user’s account access token, enabling a hacker to obtain access to a user’s account without needing their password. John Reseburg, a spokesperson for EA, confirmed that the flaw was patched with an update to Origin on Monday. 

Origin is the game distribution platform from where the popular online battle royale game Apex Legends can be downloaded. The app also hosts a slew of popular games like Battlefield V, Anthem, Fifa, Titanfall and more. 

logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Related Articles

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership — the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry

DMCA.com Protection Status