For $10 USD, cyber criminals purchased Slack cookies to hack into EA Games Network

During the past week it was confirmed that Electronic Arts (EA) computer systems were compromised, an incident that led to the leak of confidential information. While customer data was not affected, threat actors did manage to access the source code of some games and related tools.

According to Vice’s researchers, hackers managed to extract the source code of video games such as FIFA 21 and the Frostbite engine, in addition to other tools developed by the studio. Reports indicate that this hacking group plans to sell the compromised information on the black market, adding that they have more than 780 GB of stolen information under their control. After the incident, an EA representative reported that the company had implemented some measures to improve the security of its systems.

On Monday, an alleged threat actor contacted Vice’ investigators to share some details about the attack. Apparently, it all started with the purchase of a package of stolen cookies in order to access one of the video game company’s Slack channels. It is believed that the hackers could have acquired the compromised cookies for less than $10 USD in some illegal forum on the dark web.

The threat actors then sent various messages to the company’s IT team posing as an employee who had lost his phone in which he stored a multi-factor authentication token. From there, cybercriminals were able to create a virtual machine to find the compromised code and download it, including FIFA 21 pairing tools for modes like Ultimate Team.

Researchers say the alleged hacker also sent them multiple screenshots as evidence of the attack. The researchers also mention that, given the characteristics of the attack, it is possible that the hackers knew some of the company’s basic security practices and routines.

On the other hand, EA is optimistic about its immediate operations, since they believe that the incident will not affect the user experience in any way. The release of the company’s upcoming titles will also take place as planned before this attack.

Cybersecurity experts mention that this incident is similar to the one that occurred in CD Projekt Red, a company that develops titles such as Cyberpunk 2077 or The Witcher saga. In both cases, the affected companies had to adopt new security measures and tools to prevent similar incidents from occurring again.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.