The WandMan logo
Security

How EA got breached by hackers using Slack?

The WandMan Team June 17, 2021 0 1 min read
1,038

It was simple and quick

Recently EA games was breached by hackers that involved gigabytes of private data stolen including the source code of some of their games.

The hacker group stole the source code for FIFA 21 as well as the source code for the Frostbite engine that powers game like Battlefield and other internal game development tools.

As a whole, the hackers claim they have 780GB of data and are advertising it for sale on the various dark web and hacking forums.

Now Motherboard is reporting that the group of hackers broke into the company in part by tricking an employee over Slack to provide a login token.

What actually happened?

One of the hackers from the group spoke to Motherboard via online chat and revealed the actual act that was performed as part of the breach.

It all started by purchasing stolen cookies for just $10 and using those to gain access to a Slack channel used by EA.

Slack – Messaging and Collaboration App

For starters, cookies are blocks of data that save the login details of particular users, and potentially let hackers log into services as that person.

In this case, the hackers were able to get into EA’s Slack using the stolen cookie.

The hackers then requested a multifactor authentication token from EA IT support to gain access to EA’s corporate network. The representative said this was successful two times.

Once inside the Slack chat, we messaged IT Support members we explain to them we lost our phone at a party last night and requested for MFA token.

– Alleged hacker group representative

After entering into EA’s network, the hackers found a service for EA developers for compiling games.

They successfully logged in and created a virtual machine giving them more visibility into the network, and then accessed one more service and downloaded game source code.

The representative for the hackers also provided screenshots to help corroborate the various steps of the hack, including the Slack chats themselves.

For just $10, the hackers purchased a cookie that allowed them to infiltrate a $5 billion company

Furthermore, the hacker also provided Motherboard with a series of documents they say were stolen as part of the hack.

It included confidential materials on PlayStation VR, how EA creates digital crowds in the FIFA games and documents about AI in games.

Follow our Facebook and Twitter page for more content and news. Subscribe to our newsletter, the option is in the right section.

Author

The WandMan Team

See author's posts

Tags :

The WandMan Team

View More Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Apple AirTags got hacked for real

Apple AirTags has reportedly been hacked by a German cybersecurity researcher. The researcher used reverse-engineering on the latest Apple device’s microcontroller to do this

May 15, 2021 0 1 min read

Activate 2FA on your Zoom account

Zoom has finally added two-factor authentication (2FA) support across its web portal, desktop client, mobile app, and Zoom Rooms. 2FA adds an additional layer of security which requires more details to make sure that the authorised user is accessing the account.

May 6, 2021 0 1 min read

Apple has killed Privacy for good

Apple is one of those companies which is famous for ‘Privacy’ and ‘Security’ bundled into its products. But it is not what it looks like.

August 9, 2021 0 2 min read

Protect your WhatsApp using these two inbuilt features

Protect your WhatsApp from third party snooping and secure it with these two in-built features. I will detail you the scenarios related to it and how we can protect from outside threats and attacks.

May 6, 2021 0 2 min read