Yesterday the massive data breach by Electronic Arts was announced (EA) which resulted in the theft of approximately 780 GB of data containing the source code of FIFA 21 and Frostbite.
Παρόλο που ο κώδικας δεν διατίθεται (ακόμα) στον ιστό, οι hackers δημοσίευσαν screenshots από το κλεμμένο περιεχόμενο σαν απόδειξη κατοχής του κώδικα. Σήμερα, μια νέα αναφορά στο Motherboard gives more information about how the attack was carried out.
Hackers claim to have started buying stolen cookie for $10 from the web. These cookies contained login credentials to an EA employee Slack channel. They were used for hackers to gain access to a Slack channel, masquerading as internal employees.
Then, once they had access to EA employees' Slack channel, they contacted IT Support to request multiple agent insignia, saying "I lost my phone at a party last night". The insignia were given and of course used to access the EA corporate network.
Once they entered the network, they discovered one service used by game developers.
They then created virtual machines on the server and gained access to the source code. Motherboard reports that a company spokesperson gave screenshots of Slack conversations and various other things to confirm how the hack was done.
In addition to the leaked source code, the hackers gained access to documents related to the PlayStation VR, AI in games, and more.