Origin gaming platform was not well protected, the Check Point research team discovered. In a blog, the team explains how the game account could be taken over.
Games can be purchased with Origin. Then the program allows users to install these games and launch them on their computer. The platform is from game maker and publisher Electronic Arts (EA), known for games like FIFA and The Sims .
Users log in to Origin with an account to gain access to the games, but this contained a vulnerability. The researchers were able to take over an account by abusing an old subdomain. Malicious people could send users a link with which they could get a login token from a user. With this token they could log in directly to the account.
Check Point has already reported the leak to EA and the playmaker has closed the leak in a recent version of Origin. It is not known whether the leak was also misused.
It is recommended to enable two-step verification for these types of accounts.