Hackers used Slack to hack Electronic Arts computer systems

Hackers of a cybercriminal group that stole over 780 gigabytes of confidential data from Electronic Arts used the Slack messenger. The criminals hacked into the networks of the video game publisher by tricking one of its employees through a corporate messenger.

This was announced by one of the members of the group in an interview with Motherboard.

As a reminder, criminals stole the source code of the video game FIFA 21 and related matchmaking tools, as well as the source code of the Frostbite game engine, and other internal game development tools. According to the hackers, they managed to get 780 GB of data, which they put up for sale on various underground forums.

According to a member of the group, the criminal operation began with buying stolen cookies on the Internet for $ 10 and using them to gain access to the Slack channel used by employees of EA. Cookies can store credentials for specific users and potentially allow hackers to log into services on behalf of someone else. In this case, hackers were able to break into Slack EA using a stolen cookie.

Once in the chat, we sent a message to the IT support staff and explained that we had lost the phone at a party last night.a spokesman for the group said.

The hackers then requested a multifactor authentication token from EA IT to gain access to EA’s corporate network. Once on the EA network, hackers gained access to EA’s service for compiling games. They successfully logged in and created a virtual machine giving them more information about the network, and then accessed another service and downloaded the game’s source code.

A representative of the hackers provided the publication with screenshots as confirmation of various stages of the hacking, including the Slack chats themselves. A spokesman for the hackers also provided Motherboard with a number of documents that they said were stolen in the hack. They include a selection of PlayStation VR stories, how EA creates digital stands in FIFA games, and papers on artificial intelligence in games.

We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen. No player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.EA officials said in an earlier statement.

I think you will also be interested in the article: How to avoid spam and phishing scams in email?

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button