Posts

Cyber Security Canon: You Should Have Read These Books by Now



Hackers steal Electronic Arts source code | Information Age


Hackers hit Electronic Arts and tried to sell the data online. Image: Shutterstock

Video game developer Electronic Arts (EA) has been breached, with hackers stealing source code that could be used to engineer cheats for multiplayer games.

The bad actors posted on various hacking forums trying to find buyers for what they said was 780GB of ill-gotten data including debugging tools, API keys, and development kits for the popular FIFA 22 game as well as the source code for the Frostbite game engine.

“You have full capability of exploiting on all EA services,” said one advertisement on Raidforums.

They are trying to sell the data for US$28 million, according to Bleeping Computer.

Hackers posted ‘proof’ of the leak including screenshots of files they had access to and a .txt file that appears to be related to FIFA’s online code.

EA confirmed the intrusion, saying the hackers took a “limited amount of game source code and related tools”.

“No player data was accessed, and we have no reason to believe there is any risk to player privacy,” EA said.

“Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business.

“We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”

Some of EA’s largest titles like the FIFA and Battlefield series are built on the Frostbite engine which means its source code could be valuable for unethical game developers looking to copy some of EA’s success.

Bad actors used forums to try and sell the data.

Developers of cheats could also use the source code to find new exploits they can then sell to players who want to cheat in EA’s multiplayer games.

Last year, someone leaked the code for Valve’s Source engine that is used for its popular online games like Counter Strike: Global Offensive.

The company swatted back concern that the code could be used to engineer cheats by saying the bad actors had simply re-posted an older form of code that was leaked in 2018 and there was no reason for players to be alarmed.

Earlier this year, the developers behind the ill-fated Cyberpunk 2077 were hit with by

Source…

Confused how firewalls work? Here’s how they protect your information

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Firewalls on your computer do more than you think to protect your information. Here's how different programs work and what your computer might use.

Question: What does a firewall do and is it something I need to get?

Answer: In the early days of the internet, we often connected through a dial-up modem or some other form of direct connection.

When you connected in this way, your computer was assigned a “public IP address,” which meant that it was directly accessible by others on the internet.

It was important to install a software firewall to block direct access to your computer when you were connected to the internet. Popular consumer-focused firewalls like Zone Alarm also monitored outgoing traffic to alert the user when suspicious activity was detected.

Source…

NordLocker Details 1.2TB Database of Information Stolen via Custom Malware

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


(Image: Getty)

NordLocker said it’s uncovered a database containing 1.2TB worth of files, account credentials, and other sensitive information that was stolen using custom malware that spread via illegally downloaded software.

The company said that software included “illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” Those stolen programs appeared to be functional, but they also included a “Trojan-type malware” that stole the information NordLocker discovered in this publicly hosted database.

This database was said to have contained data taken from 3.25 million Windows devices between 2018 and 2020. NordLocker said the malware operator “stole nearly 26 million login credentials holding 1.1 million unique email addresses, 2 billion+ cookies, and 6.6 million files” divided into 12 distinct categories.

The stolen data reportedly included files gathered from victims’ Desktop and Downloads folders as well as “cookies, credentials, autofill data, and payment information from 48 applications.” That list includes popular browsers, such as Google Chrome and Mozilla Firefox, as well as email apps like Outlook.

NordLocker said “the malware also photographed the user if the device had a webcam.” It was also said to have assigned unique identifiers to affected devices, which means all the stolen data could be linked to a particular system. From there it probably would have been trivial to link the information to a specific person.

Recommended by Our Editors

Unfortunately this kind of malware appears to be common: NordLocker said that “Nameless, or custom, trojans such as this are widely available online for as little as $100.” Anyone buying the malware could use it to gather sensitive data that could then be sold to other malicious actors or used in extortion schemes.

NordLocker said it contacted the cloud service provider used to host this database so it could be removed. It also shared 1.1 million unique addresses with Have I Been Pwned, a popular service that allows people to see if their personal information has been exposed in databases like the one described in this report.

This newsletter may contain advertising, deals, or affiliate links. Subscribing…

Source…