EA Server Hacked And Used To Phish Apple ID Credentials From Unsuspecting Users

If you wanted proof that hackers are becoming progressively more ingenious every day, then let’s examine the latest stunt pulled by “Derp”, the group that claimed the credit for the EA server exploit. Taking advantage of the outdated software platform utilized for the online calendar of the server, the hackers were able to implement their own fake version of the website into it. The said website requested users who wanted to access iTunes and similar Apple services to input their credentials first; the information, free from the encryption layers, was sent directly into the databases of the hacking group. Neat, huh?

A temptation that hackers cannot resist

As previously mentioned, the server vulnerability exploited by the hacker group consisted of an outdated software code. According Paul Mutton of Netcraft (the company that brought this issue to light) the sheer existence of outdated software platforms constitutes an open invitation for all hacker groups out there to come in and reap the benefits. In addition, popular logic dictates that where there’s one vulnerability, there are more to be discovered. What self respecting hacker could resist poking and prodding such a treasure?

Why did they target EA servers?            

The policy of the publishers over the course of the last few years has without a doubt made several people angry. However, in this case “Derp” didn’t hack the server as an act of revenge. In fact, the ownership of the system was irrelevant to them. You see, according to Michael Sutton of Zscaler, the trend of utilizing legitimate and credible sites for malicious purposes is becoming increasingly popular among hacker groups.

To put it simply, determining users to perform a certain action – whether we’re talking about downloading an infected file, inputting their passwords, clicking certain links, etc. – is much easier when they think you’re legit. When a website like EA asks you to log into your account (therefore, using the account name and the password), you don’t think twice about doing it. On the other hand, when you get the same request from www6.hackingattemptnumber17.com/suckerbait.html, it’s not hard to figure out what’s really going on.

You can breathe easy, it was fixed!

An EA spokesman stated in a BBC interview that after Netcraft discovered and pointed out the fake website, the problem was isolated and resolved. At the same time, the outdated software that constituted the vulnerability of the server was brought up to code, in order to ensure such attacks won’t happen again.

Do we actually believe that we’re completely safe from hacking attempts? Not really. There will always be clever ways to bypass protection, no matter how much it’s advertised as impenetrable. And, there will always be people smart enough to discover them. However, with a bit of caution, you stand a chance to prevent them from stealing your personal date.

Minimizing data theft risks online

When you’re asked by a website to input your account and password, don’t forget to check that you’re using the HTTPS protocol (the padlock next to the address) and not the unsecured HTTP. Also, it pays off to check that the website you’ve just entered matches the name of the one you typed in the address bar, to ensure that you haven’t been redirected to a clone set up with malicious intents. Keep in mind that redirection is one of the simplest yet most effective tools in a hacker’s arsenal.

Avoid downloading and opening executable files (extensions such as .exe, .com, .bat, etc.) if you are not certain about their provenience. Without denying that certain apps have patches, DLCs and other things that you have to install, double check to ensure that the source of the files is legit.