HomePlatformPCOrigin Users at Risk from Origin Store Hack

Origin Users at Risk from Origin Store Hack

origin-logo

Detailed in a paper by Luigi Auriemma and Donato Ferrante of ReVuln, Origin users are at risk from a fairly simple hack used in the Origin store. What is basically done is that when the player opens a game, a hacker can replace some code so that the player actually opens a malicious link. The graph below visualizes this idea.

Origin-hacking.jpg

In the paper, the authors describe how this can be done, in addition to how they can find the essential player data in order to pull off the hack.

An attacker can bruteforce the Game ID field in the URI in order to find a vulnerable game installed on the victim’s system […] This way,an attacker can perform a no-look attack against remote systems,without having any knowledge of the specific games installed on the remote system itself.

A proper way to prevent this is to set your browsers to prompt or disable the origin:// handler. The paper itself goes into further detail. All machines with the Origin software installed are at risk, including non window machines. If your browser supports custom URI handlers, you are at risk.

Mari Shishido
Mari Shishido
Yo i like video games and stuff