A major vulnerability in Origin has been brought to light during the Black Hat Europe Conference
Researchers are ReVuln are reporting that there is a major issue with EA’s Origin which leaves computers that are using it open to hacking. The exploit is actually incredibly easy to carry out and should therefore be an easy one to fix as long as EA updates Origin in the very near future. The vulnerability arises due to an issue with the way that the program opens games. Gamers can use links to open different titles, and if those links are changed and replaced with malicious ones, then hackers can take over an entire system.
This vulnerability was demonstrated during the Black Hat Europe Conference where Donato Ferrante and Luigi Auriemma took over a computer by using Origin and Crysis 3. This can potentially affect millions of users since Mac and PC versions of Origin are both susceptible and the latest reports suggest that as many as 40 million gamers could be at risk.
Unlike in normal situations, the great people at the Black Hat conference announced the vulnerability to the public before privately allowing EA to fix the issue with Origin. Therefore you are most likely even less safe now that the vulnerability has been brought to worldwide attention.
The upside to this story is that there is a fairly easy fix for the vulnerability until EA can patch Origin. Sine hackers can only exploit a system using custom URI links starting with “origin://” a gamer that is not using custom URI links to open their games should be fine. Games can still be opened directly through Origin without any issue.
If you would like to eliminate any possibility of having your computer affected by this vulnerability, use Nirsoft’s URL Protocol View application to disable all “origin://” URI’s. Now that this issue has been brought to EA’s attention, a patch for Origin should be out soon.