Origin exploit discovered

Electronic Arts' virtual marketplace reportedly at risk from loophole that could swap games for malicious code.


An Origin exploit has been discovered that allows hackers to swap games for malicious code, the BBC reports today. Researchers at security company ReVuln found the loophole, which stems back to the way the service launches games.

No Caption Provided

"Like many other programs, Origin uses a web-like syntax to keep track of the places games are found on a computer so they can quickly be started when people want to play," the BBC wrote. "The two researchers found a way to subvert this syntax to make it point to malicious code instead of a game."

EA confirmed to Ars Technica that it is investigating the exploit, though there is no evidence that the loophole has been manipulated by hackers.

"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure," an EA representative told the site.

ReVuln researchers demonstrated the hack during the Black Hat Europe conference recently, showing off a Windows PC running Crysis 3 that was subsequently taken over by the attack code.

SimCity's record-breaking launch this month helped push Origin to a new concurrent peak user milestone of 1.3 million. The service has 39 million members as of December 31, though this figure is actually over 40 million when SimCity's 1.1 million sales are factored in.

Please use a html5 video capable browser to watch videos.
This video has an invalid file format.
Sorry, but you can't access this content!
Please enter your date of birth to view this video

By clicking 'enter', you agree to GameSpot's
Terms of Use and Privacy Policy

GameSpot may get a commission from retail offers.

Got a news tip or want to contact us directly? Email news@gamespot.com

Join the conversation
There are 89 comments about this story