Hackers have broken into an Electronic Arts games server and are using it to host a phishing site that steals Apple IDs, according to a report from security firm Netcraft.
The firm published the report some 10 hours ago and contacted EA Games to alert the company to the vulnerability.
Researchers at Netcraft suspect that the hack takes advantage of a known security flaw in an old version of WebCalendar.
“The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities or trying to probe deeper into the internal network,” writes a Netcraft spokesperson.
The official statement from EA spokesperson John Reseburg: “We have found it, we have isolated it, and we are making sure such attempts are no longer possible. Privacy and security are of the utmost importance to us.”
The phishing site works like this: When visitors go to one of the targeted sites at EA.com, a fake popup appears asking them to submit an Apple ID and password. Victims are then redirected to a second form and asked to verify their full name, card number, expiration date, verification code, date of birth, phone number, and other details that would be useful for committing fraud. After users submit these details, the page redirects them to the Apple ID website.
Netcraft also reported that EA Games is currently being targeted in other phishing attacks to steal user data from its Origin game distribution service — at a time when it’s seeing higher activity after the release of the sci-fi shooter Titanfall.
This wouldn’t be the first time. In May, a fatal flaw in EA’s Origin service may have enabled hackers to remotely execute software on a target’s Mac or PC, according to Malta-based security researchers ReVuln.