EA hack reportedly used stolen cookies and Slack to target gaming giant
A little bit of social engineering can go a long way
New details have emerged regarding how the cybercriminals behind the recent EA hack were able to gain access to the company's corporate network and steal 780GB of source code, SDKs and other proprietary tools.
According to a new report from Vice's Motherboard, the hackers responsible were allegedly able to break into EA's network by tricking one of its employees to provide a login token over Slack.
The news outlet spoke with a representative for the hackers over online chat who explained that the attack, which led to a data breach, first began by purchasing stolen cookies on the Dark Web for just $10. These cookies were then used to gain access to a Slack channel used internally by EA.
- We've built a list of the best endpoint protection software around
- Keep your devices virus free with the best malware removal software
- Also check out our roundup of the best firewall
While clearing the cookies from your web browser isn't difficult, failing to do so can have huge implications as they can be used to save login details for websites and other online services. In this case, the stolen cookies purchased by the hackers allowed them to gain access to one of EA's Slack channels. Finding one of the company's Slack channels was also likely easy for the attackers as Motherboard reported last year that an ex-engineer from the company had left a list of them in a public facing code repository.
Breaching EA's network
After gaining access to one of EA's Slack channels, the hackers then messaged the company's IT department for support explaining that they had lost their phone at a party the previous night.
From here, they requested a multifactor authentication (MFA) token which they used to gain access to the company's corporate network. Apparently this 'trick' worked successfully two times according to the hackers' representative.
Once inside EA's network, the hackers discovered a service used by developers at EA for compiling games and were able to successfully log in. By creating a virtual machine, they gained more visibility into the network which allowed them to access an additional service and begin downloading the source code for FIFA 21 and the Frostbite engine.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
EA is currently in the process of investigating the data breach and the company is also working with law enforcement agencies to determine the full extent of the hack.
- We've also featured the best antivirus
Via Vice
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.