Hackers were recently able to breach EA games servers and create a fake Apple ID log-in screen. The compromised EA game server is used by two websites in the ea.com domain and would typically be used to host a WebCalendar 1.2.0 calendar. Users of the game maker Electronic Arts website were directed to a fake website, where they were prompted to input their Apple ID, credit card numbers and other personal information. After submitting the information, the victim was then redirected to the legitimate Apple ID website.
Netcraft, discovered the breach and notified EA on Tuesday and by Wednesday, the phishing page was removed. EA spokesman John Resebury recently said “we have found it, we have isolated it, and we are making sure such attempts are no longer possible. Privacy and security are of the utmost importance to us.”
The compromised EA games server (which contains WebCalendar 1.2.0) is hosted within EA’s own network. Usually, compromised internet-visible servers are used as ‘stepping-stones’ by hackers to access data which would otherwise be invisible to the internet, however that wasn’t the case this time. The hacker managed to install and execute arbitrary PHP scripts on the EA games server so they could view the source code and data from the calendar and manipulate it.
Unfortunately, this isn’t the first time EA games servers have been the victim of hackers. The EA games servers have a history of being under attack with their online scrabble game and a server hosting the BioWare Neverwinter Nights forum being breached.
At Signal Networks, we can prevent these kinds of attacks happening to your company’s website or network. We specialise in IT security and provide a whole host of tests and assessments to review your current security structure, and identify vulnerabilities which can be rectified.