How hackers used Slack to break into EA games

0
EA

Image: Chesnot / Getty Images

Piracy. Disinformation. Monitoring. CYBER is Motherboard’s podcast and feature story on the dark underbelly of the Internet.

The group of hackers who stole tons of data from game publishing giant Electronic Arts broke into the company in part by tricking a Slack employee into providing them with a login token, Motherboard has learned.

The group stole the source code of FIFA 21 and related matchmaking tools, as well as source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. In total, the hackers claim to have 780 GB of data and promote it on various underground forums. EA previously confirmed the data affected by the motherboard breach.

A hacker rep told Motherboard in an online chat that the process started with buying stolen cookies sold online for $ 10 and using them to access a Slack channel used by EA. Cookies can save the login information of particular users and potentially allow hackers to log in to services as that person. In this case, the hackers were able to gain access to EA’s Slack using the stolen cookie. (While not necessarily logged in, in February 2020, Motherboard reported that a group of researchers discovered that a former engineer had left a list of EA Slack channel names in a public code repository.)

“Once in the chat, we texted an IT support member explaining that we lost our phone at a party last night,” the rep said.

Do you work at EA? Do you know anything else about this breach? We would love to hear from you. Using a non-business phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on [email protected], or send an email to [email protected]

The hackers then requested a multi-factor authentication token from EA IT support to gain access to EA’s corporate network. The representative said this had been successful on two occasions.

Once inside EA’s network, the hackers found a service for EA’s developers to compile games. They successfully connected and created a virtual machine giving them more visibility on the network, then went to another service and downloaded the source code for the game.

The hacker rep provided screenshots to help corroborate the various stages of the hack, including the Slack threads themselves. EA then confirmed to Motherboard the contours of the description of the breach given by the hackers.

In its previous statement, EA said, “We are investigating a recent intrusion incident into our network where a limited amount of game source code and associated tools have been stolen. No player data has been viewed, and we have no reason to believe that there is a risk to player privacy. Following the incident, we have already made security improvements and do not expect any impact to our games or operations. We are actively working with law enforcement and other experts in this ongoing criminal investigation. “

The representative of the hackers also provided Motherboard with a series of documents which they claim were stolen as part of the hack. They include an assortment of material on PlayStation VR, how EA creates digital crowds in the FIFA games and materials on AI in games. Sony, owner of the PlayStation brand, did not respond to a request for comment.

Share.

About Author

Leave A Reply