***PSA*** Origin EA Account Hacked

[xBiffx]

Only reasonable explanation here. It's so easy to dismiss leaks and exploits as user error that people forget security breeches happen and are fairly common. We seem to get at least 1 or 2 major ones each year and numerous unpublished ones.

Agreed.

I will also ad a little tidbit of information. I went back through my spam folder in Gmail. There were several Russian language emails from Origin in there. Since I reported the original a while back as phishing, lots of the subsequent ones went into the spam folder.

Anyways, this hacker actually opened up a ticket with EA about a problem with the security question on the account. As is the case, EA told them to setup a call back number so they could contact them about the issue. The hacker actually did request a call back. From there, looks like EA let them in, changed the security question, and then the hacker was able to change the email address.

EA CAUSED THIS TO HAPPEN. Without EA's input, the hacker wouldn't have been able to change the email on the account. Still don't know how they got the password. I have a call back setup for EA to contact me so I can discuss this new info. The ticket doesn't indicate the number they wanted a call back on.

 

[xBiffx]

The plot thickens:

Just got off the phone with EA tech support, now for the third time. Well, long story short, they are escalating this investigation due to the new information I gave them.

During our conversation, the tech noted that the ticket was opened to discuss a security question issue for FIFA Ultimate Team and not my Origin account. I asked him WTF, I don't own that game. He looked at the details and it was added to the account back in October, but there is no indication of how. I can't see it in my purchase history on my account, neither can they. They see it as "just on the account." The purchase information isn't there and it doesn't even show how it was added.

I think this is the gigantic hole in EA's security. Somehow, they add this game and then use it as a "backdoor" into your account. I am still not convinced that someone on the inside of EA isn't assisting with this breech. The tech indicated that should a supervisor add a game, their information would have been there.

Oh, the tech also mentioned that my email and password had been changed prior to yesterday. He also said that he could see that the user who did it were verified before doing so. They knew the answer to my secret security question! I asked him how in the hell they could have gotten that information? The email and password are one thing but the answer to that question is personal and wouldn't be located anywhere.

Will update if I ever hear back from them on their investigation. Not holding my breath.

 

[Elixer]

Odd stuff.
I wonder if there is a key logger on your system ?

 

[xBiffx]

Odd stuff.
I wonder if there is a key logger on your system ?

I've checked every way I know how. Admittedly that's not everything but I don't think that there is one. If anyone has a good tool, I'm all ears.

 

[Elixer]

Have you tried spybot search & destroy, and malwarebytes anti-malware?
A bit more complex is https://github.com/volatilityfoundation/volatility

 

[xBiffx]

Have you tried spybot search & destroy, and malwarebytes anti-malware?
A bit more complex is https://github.com/volatilityfoundation/volatility

I used spybot. Haven't heard of the other one. Thanks for the link too. At this point I'm not sure it matters. I'm due for my annual format and start over ritual. That'll surely clean things up.

Thanks again for the pointers.