EA Games website hacked to steal Apple IDs

Share it:
EA Games website hacked to steal Apple IDs, EA games hacked, EA server hacked, NEWS on ES sports, hackers target Apple ID and password, apple id and password hacked, hacking with phishing, news on netcraft, netcraft technologies
An Internet services company, "Netcraft" which provides internet security services, including anti-fraud and anti-phishing services, application testing, code reviews, and automated penetration testing, have reported that EA (EA sports) server have been hacked and attacker had hosted a phishing page on the server which targets the Apple ID's accounts holders.

The hacked server which host Two ea.com domains, are being used to host a calendar based on WebCalendar 1.2.0. Netcraft points that, this version of web-calender contains many vulnerabilities which allows an unauthenticated attacker to modify settings and possibly execute arbitrary code. Moreover, hacker might have took the advantage of these vulnerabilities to hack the server. 

Hackers trick the users to submit Apple ID's and password, and on the second phrase it asked users (victim) to verify full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful. After submitting the all the details Victim was redirected to legitimate Apple ID website athttps://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/

EA Games website hacked to steal Apple IDs, EA games hacked, EA server hacked, NEWS on ES sports, hackers target Apple ID and password, apple id and password hacked, hacking with phishing, news on netcraft, netcraft technologies

The compromised server which host EA domains are further used to get the users details from the EA server. Hacker have managed to install and execute arbitrary PHP scripts on the EA server, so that he can trace the server admins and users for theirs activity. It can grab all the information of the server (as like users data some useful source code) as well all the updates made on the calender. 

Additionally, with the phishing page for Apple ID's, attacker have also hosted another phishing page which try to steal credentials from users of its Origin digital distribution platform. Phishing on the Origin directory ask the users email id and passwords. 

Earlier this year, EA server had been brought down because of hacking attempts, and a group called Derp Trolling have taken responsibility of the attack, which is made by the distributed denial of service attack. Team have made a tweet for this attack.
Share it:

Data Breached

News

Security

Post A Comment:

0 comments:

Follow by Email