Incident Response, TDR

Hacked EA Games server puts Apple IDs and card data at risk

Apple ID accounts, payment card data and other personal information are at risk for victims of a fairly convincing phishing scam being hosted on a compromised EA Games server, according to UK-based internet security company Netcraft.

“The compromised server is used by two websites in the ea.com domain, and is ordinarily used to host a calendar based on WebCalendar 1.2.0,” according to a Wednesday Netcraft post. “This version was released in September 2008 and contains several security vulnerabilities which have been addressed in subsequent releases.”

Some of those vulnerabilities may enable an unauthorized individual to modify settings and execute arbitrary code, which is likely what allowed an attacker to compromise the EA Games server, according to the post.

The Apple ID phishing page looks like an authentic Apple website and asks users to input their usernames and passwords. A second page then asks for full names, payment card numbers, expiration dates and verification codes, dates of birth, phone numbers, mother's maiden names and other personal information essential to committing fraud.

Meanwhile, the post indicates a second phishing campaign targeting EA Games involves stealing credentials from users of Origin, which allows gamers to purchase PC and mobile games on the internet. The phishing website also looks authentic and asks for email addresses, passwords and security question answers.

“Netcraft has blocked access to all phishing sites mentioned in this article, and informed EA yesterday that their server has been compromised,” according to the post. “However, the vulnerable server – and the phishing content – is still online at the time of publication.”

A Netcraft spokesperson did not return a SCMagazine.com request for comment.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.