Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
209805 ZDNET 2021-6-10:
Hackers selling access to FIFA matchmaking servers and other games after EA attack
1.000 Find similar Compare side-by-side
209774 TECHREPUBLIC 2021-6-11:
Fallout of EA source code breach could be severe, cybersecurity experts say
0.884 0.724 Find similar Compare side-by-side
209770 ARSTECHNICA 2021-6-10:
EA source code stolen by hacker claiming to sell it online
0.308 0.637 Find similar Compare side-by-side
209732 THEVERGE 2021-6-11:
Cyberpunk 2077 developer says its hacked data is circulating online
0.009 0.466 Find similar Compare side-by-side
209788 THEVERGE 2021-6-11:
Jedi: Fallen Order’s next-gen update will let you go from disc to digital
0.408 Find similar Compare side-by-side
209949 ARSTECHNICA 2021-6-11:
CD Projekt Red does an about-face, says ransomware crooks are leaking data
0.363 Find similar Compare side-by-side
209723 ARSTECHNICA 2021-6-9:
Mystery malware steals 26M passwords from millions of PCs. Are you affected?
0.334 Find similar Compare side-by-side
210081 TECHREPUBLIC 2021-6-11:
McDonald's suffers cyberattack in US, South Korea and Taiwan
0.331 Find similar Compare side-by-side
209836 ZDNET 2021-6-8:
Constituent platform used by Congress hit with ransomware as NYC faces legal department hack
0.330 Find similar Compare side-by-side
209459 THEVERGE 2021-6-9:
The classic Simpsons arcade cabinet is getting rereleased thanks to Arcade1Up
0.324 Find similar Compare side-by-side
209673 ZDNET 2021-6-10:
Ransomware: Meat firm JBS says it paid out $11m after attack
0.321 Find similar Compare side-by-side
209769 ZDNET 2021-6-11:
DOJ charges cybersecurity official for attack on Georgia hospital
0.317 Find similar Compare side-by-side
209551 ARSTECHNICA 2021-6-9:
Battlefield 2042 will host 128-player combat on PC, next-gen consoles Oct. 22
0.315 Find similar Compare side-by-side
209839 ZDNET 2021-6-9:
Cryptojacking now added to list of cryptocurrency threats
0.303 Find similar Compare side-by-side
210108 ZDNET 2021-6-14:
Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers
0.300 Find similar Compare side-by-side
209531 TECHREPUBLIC 2021-6-8:
3 things you might not know about modern ransomware and how Nefilim makes money
0.297 Find similar Compare side-by-side
210107 ZDNET 2021-6-14:
Codecov to retire the Bash script responsible for supply chain attack wave
0.289 Find similar Compare side-by-side
209677 THEVERGE 2021-6-11:
McDonald’s suffers data breach in the US, South Korea, and Taiwan
0.289 Find similar Compare side-by-side
210038 VENTUREBEAT 2021-6-13:
A question no one is asking about the Colonial Pipeline ransom attack
0.283 Find similar Compare side-by-side
209625 ZDNET 2021-6-7:
Patch now: Attackers are hunting for this critical VMware vCentre flaw
0.281 Find similar Compare side-by-side
209635 ZDNET 2021-6-7:
GitHub: Here's how we're changing our rules around malware and software vulnerability research
0.277 Find similar Compare side-by-side
209658 ZDNET 2021-6-8:
A deep dive into Nefilim, a ransomware group with an eye for $1bn+ revenue companies
0.276 Find similar Compare side-by-side
209627 ZDNET 2021-6-7:
Ransomware warning: There's been another spike in attacks on schools and universities
0.272 Find similar Compare side-by-side
209713 THEVERGE 2021-6-10:
Xbox’s Summer Game Fest event featuring more than 40 demos starts June 15th
0.269 Find similar Compare side-by-side
209803 TECHREPUBLIC 2021-6-10:
Microsoft Exchange Server vulnerabilities, ransomware lead spring 2021 cyberattack trends
0.266 Find similar Compare side-by-side

1

ID: 209805

URL: https://www.zdnet.com/article/hackers-selling-access-to-fifa-matchmaking-servers-and-other-games-after-ea-attack/

Date: 2021-06-10

Hackers selling access to FIFA matchmaking servers and other games after EA attack

According to a message from attackers, 780 GB were stolen from EA during the hack. Gaming giant Electronic Arts has been hacked and the cyberattackers are now selling access to the company's games and servers, according to screenshots of underground hacking forums obtained by Motherboard.  Messages found on the hacking forums indicate the attackers took 780 GB of data from the company and have full access to FIFA 21 matchmaking servers, FIFA 22 API keys and some software development kits for Microsoft Xbox and Sony. They also purport to have much more, including the source code and debugging tools for Frostbite, which powers EA's most popular games like Battlefield, FIFA, and Madden. "You have full capability of exploiting on all EA services," one attacker's message said, noting that there are hundreds of million of registered EA users around the world and nearly nine million FIFA users. The messages included samples of what was stolen and indicate that the attackers are selling the batch of data and access for $28 million.  In a statement to ZDNet, an EA spokesperson said it was not a ransomware attack and claimed a "limited amount of game source code and related tools were stolen" during the attack. The company said it does not expect any impact to its games or business.  "No player data was accessed, and we have no reason to believe there is any risk to player privacy," the EA spokesperson said. "We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation."  The cyber research and intelligence team for BlackBerry shared screenshots with ZDNet of the notes from someone behind the attack. Eric Milam, vice president of Research and Intelligence at BlackBerry, said EA was probably targeted because "saying you hacked EA is like saying you hacked Blizzard." With the source code of multiple video games, the attackers could compile and sell a game before it comes out, as well as add their own backdoors to certain games. Something like this would "give them access to a lot of computers." "Source code allows for review of everything that's there without the need to reverse engineer. The source code could also help them understand the type of security around information and payment exchanges," Milam said. "The source code could contain hardcoded credentials, keys, etc which can be used elsewhere or allow additional remote code capabilities." EA is far from the first gaming company to be hacked, with both Capcom and CD Projekt suffering from attacks in the last year. CD Projekt disclosed a ransomware attack in February and Capcom announced a hack in November that is now having far-reaching legal consequences for the company.  EA itself was hacked in 2011 and had to deal with a slate of vulnerabilities discovered in 2019.  Rajiv Pimplaskar, chief risk officer for cybersecurity company Veridium, said that like Capcom, there could be several downstream consequences such as loss of customer account credentials, biographic data, and more on top of the intellectual property losses. "EA makes over $2.7 billion from microtransactions or in-game purchasing. App developers today have a higher responsibility to protect consumers and need to increasingly incorporate digital identity, authentication and privacy measures at a code level for improving cyber defense and mitigating fallout from such forms of theft," Pimplaskar added.  Erich Kron, security awareness advocate at KnowBe4, told ZDNet it was strange that the attackers did not attempt to ransom the data back to EA before selling it on the open market. He noted that the proprietary information found in the leak may be valuable to competitors or may include information or vulnerabilities that could be used in future attacks against EA products or customers with installed EA games.  Many experts added that the theft of game source code was particularly damaging for a company like EA, which has popular brands like FIFA, Madden, Battlefield, Star Wars: Jedi Fallen Order, The Sims, and Titanfall.  "Game source code is highly proprietary and sensitive intellectual property that is the heartbeat of a company's service or offering. Exposing this data is like virtually taking its life," said Saryu Nayyar, CEO of Gurucul.  "The heartbeat has been interrupted and there's no telling how this attack will ultimately impact the life blood of the company's gaming services down the line." How one hacker exposed thousands of insecure desktops that anyone can remotely view Blame badly configured software used on thousands of internet-connected machines. Read More