The ability to infiltrate a remote computer via uniform resource identifiers (URI) exploits is nothing new, per se. A hacker gets someone to click on a link, which actually opens up the victim's system to the infiltration of malware. But as reported by Ars Technica, research group ReVuln has found a potentially dangerous URI exploit within EA's Origin client which could leave as many as 40 million gamers vulnerable.
The ReVuln team gave a presentation last week at the Black Hat security conference in Amsterdam. Apparently, getting someone to click on an "origin://" prefixed link is all it takes, as the Origin client then downloads a dynamic link library file to the victim's computer. The ReVuln team has also released a paper, detailing the exploit, which mentions a similar vulnerability discovered in Valve's Steam platform last year.
Speaking to Ars Technica, Electronic Arts says the company is aware of the issue, and seems to be addressing the problem in some manner.
"Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure," said an EA spokesperson.
Image Source: ReVuln
Exactly what "investigations" the company is taking part in at the moment remains unclear. But you can protect yourself from attack by taking a few, easy steps. First of all, make sure you're being prompted before linking to any game in Origin, and take a good look at the URL path; if something seems out of place, don't click the link. Secondly, you can just stay away from origin:// links altogether. As noted by Slash Gear, you can use an app like URL Protocol View to avoid becoming a statistic.
Matt Clark is a freelance writer covering the world of videogames, tech, and popular culture. Follow him on Twitter @ClarkMatt and MyIGN at Matt_Clark.
Source : ign[dot]com
No comments:
Post a Comment