During the last week, several players of the popular soccer video game FIFA 22 reported that their Electronic Arts online accounts were hacked. The incident would also have affected popular streamers of the video game such as Jamie Bateson (Bateson87), FUT FG, NickRTFM and Trymacs.
Affected users claim that hackers stole coins and players from their FIFA Ultimate Team clubs, a modality that allows users to form their own squad. The incident has even affected some users recognized for trading with these assets belonging to the video game.
Cybersecurity specialists believe that threat actors would have accessed the Gamertags or PlayStation Network IDs of affected players, using this information to contact EA Help posing as legitimate users and requesting a credential reset.
These are tactics typical of the attack known as social engineering, which hackers use to take control of online accounts, access protected resources or inject malware by deceiving an affected user.
Some enthusiasts of the FIFA video game franchise have been claiming for years that it is ridiculously easy to change an email address associated with the game by deceiving the operators of EA Help, because in most cases they do not perform any verification before completing the reset process. The worst thing is that not only the items of the game are at risk; users who suffer from these types of attacks may see their sensitive information compromised, including full names, dates of birth, phone numbers, and other details.
Ea released the following statement: “We are aware of the recent account hijacking attempts and are investigating.” The company recommends users adopt some additional security measures but does not mention whether the accounts can be recovered; In addition, some users believe that EA will only help the most popular streamers, leaving aside the rest of the users.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.