It seems the bad news just keeps coming for EA. Researchers at ReVuln claim that Origin, the digital game store operated by the publisher, is susceptible to a major exploit that could allow hackers to secretly install malicious code on a player's computer. The vulnerability was demonstrated on stage at the Black Hat Europe Conference, where Donato Ferrante and Luigi Auriemma managed to assume control of a PC with Origin and Crysis 3 installed.
The exploit takes mere seconds to pull off, according to Ars Technica, and relies on a weakness in the way Origin launches games; instead of opening the desired title, hackers can craft a malicious link that would instead help them overtake a player's PC. The loophole affects both the PC and Mac versions of Origins and could potentially impact millions of users. Thankfully Ferrante and Auriemma are quick to note they've seen no evidence of the exploit making its way to the wild. Even so, they say one measure of protection is to prevent Origin from launching games via desktop shortcuts. EA has said it's investigating the exploit.