EA Origin Hack

Hello there fellow Tech Pirates! Long time, no see. Of course that’s because of me, but I’ll work on getting content out more regularly. I wanted to post up as soon as I could though, I had my EA account hacked earlier today and wanted to share the experience.

I first noticed some weirdness over the last few days, with it constantly saying I’m logged in elsewhere. I hate Origin with a passion, and as a result only have a few games on it. The games I have on it I typically don’t play enough to make it worth while installing the vapid software on any other computer in my house, including my laptop. Origin only resides on my dedicated gaming desktop. After some searching apparently this is a “known issue” that can be caused by a plethora of network problems. After restarting all my equipment and running ping tests it was still happening. I assumed that this was just Origin being utterly stupid, which was a mistake.

Next bit of weirdness came this morning, as I was playing Mass Effect 3 I noticed a “friend” going on-line and then off-line a lot. This “friend” was no one I knew, the display name was all numbers. I simply ignored this thinking, again, that Origin was just being a half-baked pile of software. Again… should have thought about it more.

The final thing that was the “ah ha!” moment, when after dinner I couldn’t log back into origin to continue playing ME3. I went through my various passwords (normally it’s saved and automatically logs in). Nothing worked. I resigned myself to resetting the password, checked my e-mail and then noticed… the e-mail is in Norwegian. I definitely don’t understand that language and I had to use the translate function to figure out that it was my reset link. I follow it, and it dumps me at a Russian reset screen. Crap… this isn’t good. Okay… well at least I know it’s the password screen. After trying several times to enter a secure password (symbols, long length, ect.) and getting a string of angry red Russian below the prompt, I use a less secure alphanumeric password for temporary purposes. It works. Log back into the website to find all of my personal information changed, except for e-mail and name. I could see some glitch setting my region to somewhere else… this is EA we’re talking about… but not everything else. After changing the password to something more substantial, then resetting all of the information, and adding the authentication for new devices option, I log back into the desktop app. My friends list only contains 3 names, and they’re no one I’ve ever added, or know. Add all the pieces together and it’s pretty obvious that someone absconded my account for personal use. Good thing is, no additional purchases (though I never allow Origin to save credit card info) and it seems to be running the way it should.

Moral of the story? Yes EA’s Origin is a vapid pile of feculence, but look a little closer when it does these weird things… it could be a warning that your account has been had. Also, Google Translate can save the day. Happy computing!