Vulnerability allows attackers to install malware on a user's system remotely

Origin bug makes PCs vulnerable to hijack

Researchers have uncovered a bug within EA’s Origin service, which could leave over 40 million people vulnerable to malicious attacks.

The attack, which was demonstrated to the firm, takes just seconds to compete and allows attackers to remotely execute malicious code on a user’s computer.

By manipulating the uniform resource identifiers, which Origin users to automatically start games on a user’s system, the bug is able to exploit flaws in the service and use the platform as a method of attack.

It is believed that attackers will be able to install malicious software on Origin users’ systems via the exploit.

"The Origin platform allows malicious users to exploit local vulnerabilities or features by abusing the Origin URI handling mechanism," said ReVuln researchers Donato Ferrante and Luigi Auriemma after demonstrating the vulnerability.

"In other words, an attacker can craft a malicious Internet link to execute malicious code remotely on [a] victim’s system, which has Origin installed."

Check Also

Bridging the cybersecurity gap in remote working

Pete Watson, CEO at Atlas Cloud discuses how how businesses can act to guard against …