Origin vulnerability lets attackers hijack gaming machines

[Matthew DeCarlo]

Upwards of 40 million users of EA's Origin game platform could be open to a vulnerability that allows an attacker to remotely execute malicious code. Demonstrated by ReVuln on Friday at the Black Hat security conference in Amsterdam, the process requires Origin's client to be installed on the victim's machine and it can be exploited when the user clicks a specially crafted link.

The issue stems from Origin's use of specific uniform resource identifiers (URIs) to communicate with games. When it launches a title, it sends an "origin://LaunchGame/" URI that may also contain custom command line arguments known as "CommandParams." In ReVuln's demo for instance, the platform uses "origin://LaunchGame/71503" to open Crysis 3.

Because that link can contain CommandParams, an attacker could deliver a payload targeting software on your system with a couple of simple commands. For example, ReVuln says this would invoke the Nvidia benchmark framework and then download a tainted DLL: origin://LaunchGame//?CommandParams= -openautomate \\\openautomate.dll.

What's more, as we understand it, Origin doesn't even have to be running -- again, just installed -- and it's possible that an attacker could exploit a system transparently, especially if the person has their system configured to handle origin:// links automatically. As such, at a minimum, folks are encouraged to make sure their browser is set to issue a prompt when handling those links.

If you're looking to clamp down a bit more than that, the researchers recommend that you disable the origin:// URI globally with a tool such as Nirsoft's URLProtocolView. This will prevent you -- and anyone else -- from running games via shortcuts with custom parameters on your system, but ReVuln says you'll still be able to play games by running them directly from Origin's client.

It's worth noting that this isn't a new problem. The same security group exposed a similar issue on Steam last year: maliciously crafted "steam://" links could be used for remote code execution. Valve plugged that hole roughly two days after ReVuln's report was released. It's unclear if or when EA will issue a fix, not least considering it's had five months to act since the Steam issue.

Permalink to story.

https://www.techspot.com/news/51989-origin-vulnerability-lets-attackers-hijack-gaming-machines.html

 

[Jad Chaar]

Not surprised. Origin is a fail.

 

[Sniped_Ash]

It amuses me to no end that EA copied Steam, but didn't bother to learn from Valve's mistakes.

 

[Guest]

"It's unclear if or when EA will issue a fix, "

How is it, in any way unclear, whatsoever? Its EA ... the Definitive Answer is "We'll get around too it in a few months"

 

[IAMTHESTIG]

It amuses me to no end that EA copied Steam, but didn't bother to learn from Valve's mistakes.

I know... Steam was crap when it first came out, but they kept improving their product and service to the point where people are happy now. To top it off the frequent sales helps encourage loyalty.

Origin was crap and still is crap, even after all this time. It doesn't appear they've made any attempts to improve the UI. The only thing I can acknowledge is they are releasing update patches regularly, and some issues have been resolved, but overall it is still crap.

 

[howzz1854]

I have to say honestly most of my game purchase decisions have been put off by the exclusivity of Origin platforum. Steam didn't get this popular because they forced every game to be distributed on steam only. users had choices of steam or other direct download methods. it was the variety of options and convenience that made steam popular, instead EA is going about it all wrong. apparently EA thinks forcing the users into lack of option will drive sales. with all the negative press lately, and lack of performance on their balance sheet, sometimes I think EA just needs to start it all over fresh.

 

[Skidmarksdeluxe]

Bah! All game clients are a pain in the posterior. I can easily live without any of them.

 

[Guest]

You forgot to add "if ever".

 

[Jad Chaar]

It amuses me to no end that EA copied Steam, but didn't bother to learn from Valve's mistakes.

They used Battlefield 3 as a way to promote it, it helped, but the client still fails.

 

[TS-56336]

Origin itself is one big exploit.

 

[Mbloof]

Gee I'm sorry. I thought I simply purchased a game from you. I did NOT however give you license to advertise on my desktop and suggest other titles to me.

 

[fimbles]

A simple way to get around this is to download a no-cd crack. and dont install origin at all.

Copy protection fails again.

 

[TheDreams]

[quote="Sniped_Ash, post: 1288751, member: 314686

They used Battlefield 3 as a way to promote it, it helped, but the client still fails.[/quote]

I'd have to say that Battlefield 3 is the only good game on Origin, that is really the only thing that is holding Origin up.

 

[Jad Chaar]

They used Battlefield 3 as a way to promote it, it helped, but the client still fails.

I'd have to say that Battlefield 3 is the only good game on Origin, that is really the only thing that is holding Origin up.[/quote]
Yup, thats what my point was.