According to a report from internet security firm Netcraft, an Electronic Arts server was recently hacked, and until it was shut down was being used to run a phishing scam that targeted Apple customers.
The server in question was “used by two websites in the ea.com domain”. Netcraft says that the scam was trying to get Apple user’s login details.
The compromised server is hosted within EA’s own network. Compromised internet-visible servers are often used as “stepping stones” to attack internal servers and access data which would otherwise be invisible to the internet, although there is no obvious outward facing evidence to suggest that this has happened.
In this case, the hacker has managed to install and execute arbitrary PHP scripts on the EA server, so it is likely that he can at least also view the contents of the calendar and some of the source code and other data present on the server.
Electronic Arts says that, having been alerted to the scam’s presence, it’s been shut down. “We have found it, we have isolated it, and we are making sure such attempts are no longer possible” an EA spokesperson tells Kotaku. “Privacy and security are of the utmost importance to us.”
The interesting part of this isn’t the scam itself – the internet is overflowing with them – but rather how the EA server was used as a “stepping stone”. Makes you wonder how often this happens without us ever knowing about it…
EA Games website hacked to steal Apple IDs [netcraft]
Comments
6 responses to “EA Server Hacked To Run A Scam (That’s Now Been Shut Down)”
The hacker was clearly a Creeper, someone should be questioning Mojang about this.
Sir, you have made my morning. I doff my cap to you.
But does that mean they’ll fix the Plants vs Zombies Garden Warfare server connection /stability issues they’ve been having for the last few days?
For some reason (most likely, wanting to play PvZ GW) , I totally expected this article to refer to this , the burning issue of our times.
So EA’s server have now resumed their regular scam? HI-YO!
I was about to say, did he set up Origin for them
This kind of thing happens a lot more than most people think. It’s just that it’s usually the more high profile sites that get hit because of the type of clients they have. Just look up “Watering Hole Attacks”.