Report: EA Web Sever Hacked, Used for Phishing Scam

A web server belonging to Electronic Arts has been hacked and is now hosting a phishing website, according to what Paul Mutton from internet security firm Netcraft uncovered. Mutton said that hackers probably exploited a vulnerability in an online calendar application hosted on the web server to gain entry. The hacking group Derp has claimed responsibility for the hack and the phishing scheme. EA said that it is investigating Netcraft's claims.

The phishing scheme apparently ask users for a bunch of personal information like Apple IDs, credit card information and other personal info.

"The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities," he wrote.

One users give out all their personal information to the fake site, they are passed on to a legitimate Apple ID website to avoid detection.

Mutton says that he has informed EA about the site, but that it appeared to be online still the last time he checked.

You can read his entire post on the subject here.

Source: BBC

Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone

One comment

  1. 0
    Scott1701c says:

    I never understood why anyone would defend this kind of hacking saying stupid stuff like “*company* should have done *bla bla bla*”

    To me, that is like someone saying “Well they would not have broken into your house if you installed Iron doors, walls, and the latest in security.”

    Really, the criminals should not be hacking in the first place, and the criminal penalties should be higher. (I know, the Internet is still mostly anonymous. But if too many more of these incidents happen, it wont be for much longer.)

Leave a Reply