flaccid: New information about the cyber attack on Electronic Arts (EA), confirmed Thursday (10), has become public. According to Vice, one of the security vulnerabilities that enabled the move was human error, as criminals allegedly tricked an employee of the company by limp. The victim, in turn, would have been led to open the doors for the “attack”.
In an interview with the vehicle, one of those responsible for the invasion explained the process. First, there was the purchase of cookies stolen and sold online for US$10, which gave access to the communication platform used by the company. The “tools” contain real user data such as logins and passwords.
“Once in chat, we messaged a member of IT support and explained to him that we had lost our phone at a party the night before,” said the source. Then they asked for multi-factor authentication to access the corporate network. They got the “key” twice.
Already introduced to the internal network, the attackers found a service dedicated to developers that was used to compile games. They connected to it and then successfully created a virtual machine, expanding the terrain they could explore. Finally, with another solution, they downloaded the source code for the product.
To prove what they claimed, they presented screenshots of the step by step, revealing, including the conversations in limp.
In addition to the details described above, the publication includes highlights, other documents provided include details related to the PlayStation VR, how Electronic Arts creates digital crowds in FIFA games, and the artificial intelligence employed by the company.
While Sony has not responded to requests for comment, EA points out that there is no indication of any risk to players’ privacy.
“After the incident, we have already made improvements to security protocols and do not expect any impact on our products or our business. We are actively cooperating with authorities and other experts in this ongoing criminal investigation,” he emphasizes.