Categories
Tech News

The EA hack was worryingly simple

EA Games’ huge game theft, which saw source code for FIFA 21 and other key titles stolen, hinged on a $10 cookie and some disturbingly simple social engineering, according to the hackers responsible. Electronic Arts confirmed it had been the victim of the cybercrime earlier this week, with around 780GB of data – including game code and more – yanked from its servers.

The loss of the source code for one of its highest-profile titles would be bad enough, but the hackers also made off with copies of EA’s matchmaking code for FIFA 21, along with source code and tools for Frostbite, and various frameworks and SDKs. EA has said that it does not believe customer data was impacted, however.

“No player data was accessed, and we have no reason to believe there is any risk to player privacy,” EA said in a statement. “Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business.”

However the exact mechanism for just how the hackers managed to access the data has been revealed, and it’s ominously simple. In an interview with Motherboard, a representative says that the whole thing hinged on acquiring a stolen cookie that was being sold online. That cost all of $10.

Cookies are one of the most commonplace convenience features of the internet and web services, responsible for saving login data and sessions. With them, you can avoid having to enter your authentication credentials every time you visit the same webpage, for instance, and they can also be used to record a log of visits. However what few may realize is that there’s also a marketplace for stolen cookies online, sold for nefarious purposes.

In this case, with the EA cookie, the hackers were able to access the game company’s Slack. That’s the internal messaging platform EA uses for its various teams to collaborate and, vitally, to communicate with divisions like IT Support.

“Once inside the chat we messaged a IT Support members we explain to them we lost our phone at a party last night,” the hackers’ representative explains. That led to the support team issuing two authentication tokens with which access to the EA corporate network was possible. Beyond that, it was a matter of accessing the various source code servers and making copies of what they found.

EA confirmed the mechanism by which the hack had run, and has said it is working with law enforcement in the aftermath of the exploit.

It’s a reminder that, while two-factor authentication and other advanced security may present significant obstacles to hackers, humans often remain the most readily-exploited element of the overall system. EA certainly isn’t the only company to discover this in an embarrassingly public way, with many high-profile hacks resulting from the perpetrators managing to convince employees that their requests are innocuous or genuine.

Repost: Original Source and Author Link

Categories
Game

PS5 DualSense thumbstick drift reports are worryingly common

For years now, we’ve been hearing Nintendo Switch owners register complaints about thumbstick drift on their Joy-Con controllers, and now it seems like PlayStation 5 owners will be joining them. The PlayStation 5 is only a few months old but there are already reports of thumbstick drift making the rounds, suggesting that PS5 buyers could be in for the same frustrations as Switch owners.

Kotaku has collected a few examples of users reporting DualSense drift, linking to several Reddit posts that show video of the drift in action, and another Reddit post where a user reports experiencing drift just 10 days after getting their console. The worry, of course, is that as time goes on and these controllers age, the incidence of thumbstick drift will only go up.

For now, it seems to soon to say if this is just a defect in some controllers or if its an indication of a larger problem, but what happens if you do encounter a DualSense controller with drifting issues? At the moment, you should prepare for a long wait to get in touch with PlayStation support, as Kotaku reports that Sony’s customer service lines are currently inundated with people looking for a PlayStation 5. After getting in touch with a customer service rep, Kotaku says that it was told drift is covered under warranty, though users will have to pay to ship their controller to Sony for repairs (return shipping is apparently covered).

All in all, this isn’t a particularly great sign for the DualSense, which is an otherwise incredible controller. It seems that modern controllers in general have some kind of issue with thumbstick drift, as it was reported in the Xbox One controller, DualShock 4, and other gamepads from even further back in time.

It could be that thumbstick drift is a problem that’s just here to stay to some extent, but that’s not going to be a comforting thought to those who are currently experiencing it in brand new DualSense controllers or have experienced it in the past with others. We’ll see if more reports of DualSense drift surface in the future, so stay tuned for more.

Repost: Original Source and Author Link