New particulars have emerged relating to how the cybercriminals behind the current EA hack had been capable of achieve entry to the corporate’s company community and steal 780GB of supply code, SDKs and different proprietary instruments.
The information outlet spoke with a consultant for the hackers over on-line chat who defined that the assault, which led to a data breach, first started by buying stolen cookies on the Dark Web for simply $10. These cookies had been then used to achieve entry to a Slack channel used internally by EA.
Whereas clearing the cookies out of your web browser is not tough, failing to take action can have enormous implications as they can be utilized to save lots of login particulars for web sites and different on-line companies. On this case, the stolen cookies bought by the hackers allowed them to achieve entry to one in all EA’s Slack channels. Discovering one of many firm’s Slack channels was additionally probably simple for the attackers as Motherboard reported final yr that an ex-engineer from the corporate had left an inventory of them in a public dealing with code repository.
Breaching EA’s community
After getting access to one in all EA’s Slack channels, the hackers then messaged the corporate’s IT division for help explaining that that they had misplaced their telephone at a celebration the earlier night time.
From right here, they requested a multifactor authentication (MFA) token which they used to achieve entry to the corporate’s company community. Apparently this ‘trick’ labored efficiently two instances in keeping with the hackers’ consultant.
As soon as inside EA’s community, the hackers found a service utilized by builders at EA for compiling video games and had been capable of efficiently log in. By making a virtual machine, they gained extra visibility into the community which allowed them to entry a further service and start downloading the supply code for FIFA 21 and the Frostbite engine.
EA is at the moment within the strategy of investigating the information breach and the corporate can be working with legislation enforcement companies to find out the total extent of the hack.