New details have arisen about how the cybercriminals behind the recent EA Hack were able to gain access to the company’s corporate network and steal 780 GB source code, SDK and other owner tools.
According to a new report on the Vice motherboard, the responsible hackers supposedly were able to enter the EA network by deceiving one of its employees to provide a token of login on clearance.
The news exit spoke with a representative for hackers about online chat that explained that the attack, which led to a data violation, began to buy stolen cookies on the dark web for only $ 10. These cookies were used to get Access to a loose channel used internally by EA.
We have built a list of the best endpoint protection software around
Keep your devices free viruses with the best malware removal software
Also check out our Best Firewall Rodeo.
While cleaning the cookies of your web browser is not difficult, what you do not may have enormous implications, as they can be used to save logon details for websites and other online services. In this case, the stolen cookies purchased by hackers allowed them to access one of the loose channels of EA. Finding One of the company’s slacking channels was probably easy for attackers that the motherboard reported last year that a former engineer had left a list of them in a public code repository.
Violating the EA network
After gaining access to one of EA’s loose channels, the hackers then send to the company’s IT department to get support to explain that they had lost their phone at a party the previous night.
From here, they applied for a multifactor authentication token (MFA) that used access to the company’s corporate network. Apparently, this’ trick ‘worked successfully twice according to the hackers’ representative.
Once inside the EA network, hackers discovered a service used by developers in EA to compile games and could log in successfully. When creating a virtual machine, they gained more visibility to the network that allowed them to access an additional service and start downloading the FIFA 21 source code and the FrostBite engine.
EA is currently in the process of investigating the violation of the data and the company is also working with law agencies to determine the total extension of the hack.