EA hack reportedly used stolen cookies and Slack to target gaming giant
A little bit of social engineering can go a long way
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
New details have emerged regarding how the cybercriminals behind the recentEA hackwere able to gain access to the company’s corporate network and steal 780GB of source code, SDKs and other proprietary tools.
According to anew reportfrom Vice’sMotherboard, the hackers responsible were allegedly able to break into EA’s network by tricking one of its employees to provide a login token overSlack.
The news outlet spoke with a representative for the hackers over online chat who explained that the attack, which led to adata breach, first began by purchasing stolen cookies on theDark Webfor just $10. These cookies were then used to gain access to a Slack channel used internally by EA.
While clearing the cookies from yourweb browserisn’t difficult, failing to do so can have huge implications as they can be used to save login details for websites and other online services. In this case, the stolen cookies purchased by the hackers allowed them to gain access to one of EA’s Slack channels. Finding one of the company’s Slack channels was also likely easy for the attackers asMotherboardreported last year that an ex-engineer from the company had left a list of them in a public facing code repository.
Breaching EA’s network
After gaining access to one of EA’s Slack channels, the hackers then messaged the company’s IT department for support explaining that they had lost their phone at a party the previous night.
From here, they requested a multifactor authentication (MFA) token which they used to gain access to the company’s corporate network. Apparently this ‘trick’ worked successfully two times according to the hackers' representative.
Once inside EA’s network, the hackers discovered a service used by developers at EA for compiling games and were able to successfully log in. By creating avirtual machine, they gained more visibility into the network which allowed them to access an additional service and begin downloading the source code forFIFA 21and theFrostbite engine.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
EA is currently in the process of investigating the data breach and the company is also working with law enforcement agencies to determine the full extent of the hack.
ViaVice
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new malware utilizes a rare programming language to evade traditional detection methods
A new form of macOS malware is being used by devious North Korean hackers
ICYMI: the week’s 7 biggest tech stories from Kindle Colorsoft yellowing woes to our PS5 Pro review
