In recent times, the rise in hacking cases is a perfect example of the vulnerability of large companies such as Electronics Arts (EA) that have security expertise.
Simply put, hackers were able to break into EA’s systems by tricking an employee into providing a login token via Slack – a popular messaging and collaborative work platform for large and small businesses.
Proud of their rebellion, the pirates did not hesitate to provide a method of seizing more than 780 GB of data kept for sale in the forums of the underworld web (dark web).
Thank you Cookies And a stolen fake phone
Among the stolen data, hackers got their hands on source code for FIFA 21 games, a frogsbite engine that powers popular games such as Battlefield and other development tools beloved by the EA.
In detail, the scandal over EA began with the purchase of cookies (Cookies) Was stolen and resold on this infamous underground web for $ 10, used to access the gaming giant’s slack messaging channel.
Because these cookies store login information, hackers can pretend to be legitimate users and have access to its services, including EA’s slack message.
Berner IT departments
“After the message was sent, we texted an IT member to explain that we had lost our phone at the party the day before,” a hacker group spokesman told the site. Motherboard.
From the IT department, hackers obtained a multi-factor authentication token to gain access to EA’s internal network. Twice repetitive operation according to representative.
From there, it is easy to imagine what happened next. The team has access to game development services and to maximize their impact, they have created a virtual machine to access more internal EA-specific content, such as source code.
The EA Services investigation into the breach revealed that there was no data on the players and no subsequent fears about privacy. They said security had been tightened and that U.S. security services had been alerted to launch a criminal investigation.