According to a report from internet security firm Netcraft, an Electronic Arts server was recently hacked, and until it was shut down was being used to run a phishing scam that targeted Apple customers.
The server in question was “used by two websites in the ea.com domain”. Netcraft says that the scam was trying to get Apple user’s login details.
The compromised server is hosted within EA’s own network. Compromised internet-visible servers are often used as “stepping stones” to attack internal servers and access data which would otherwise be invisible to the internet, although there is no obvious outward facing evidence to suggest that this has happened.
In this case, the hacker has managed to install and execute arbitrary PHP scripts on the EA server, so it is likely that he can at least also view the contents of the calendar and some of the source code and other data present on the server.
Electronic Arts says that, having been alerted to the scam’s presence, it’s been shut down. “We have found it, we have isolated it, and we are making sure such attempts are no longer possible” an EA spokesperson tells Kotaku. “Privacy and security are of the utmost importance to us.”
The interesting part of this isn’t the scam itself – the internet is overflowing with them – but rather how the EA server was used as a “stepping stone”. Makes you wonder how often this happens without us ever knowing about it…
EA Games website hacked to steal Apple IDs [netcraft]