EA Origin is Electronic Art’s online PC game platform. It sells and acts as an online source for all games under their brand. There are approximately 300 million players who utilize EA Origin. According to security researchers from Check Point (A vulnerability research company), there is a huge security flaw that could affect many players.
The security flaw allowed hackers to steal people’s accounts without using the user’s logins and passwords. They could steal a Single Sign-On authorization token which Origin provides for players to stay signed in. This can be stolen without any user participation. Similar occurrences have happened to Fortnite and Facebook accounts. Through this loophole, hackers could gain access to EA’s subdomain and send malicious pages to players through EA websites. This could fool players as it would be their an actual EA website rather than a fake.
CyberInt and Check Point told EA back in Feb 19th but it still looks like they haven’t fixed it. However, EA’s Head of Security stated they are currently working on fixing it.
If you’re using EA Origin, be careful on whatever websites you are sent from EA.
