Pierluigi Paganini
January 10, 2022
A growing number of EA Sports FIFA 22 players reported that their EA accounts were hacked, including famous streamers such as Jamie Bateson (AKA Bateson87), NickRTFM, Trymacs, TisiSchubecH and FUT FG.
Attackers also stole coins and players from the FUT clubs of the gamers. In recent days FIFA 22’s trading community is also being targeted by attackers that hacked some of the game’s most successful traders, including lNoahHDl, FUT Donkey, JoaoSeleiro, and narcoinsfc (Wael).
Just got hacked boys, finally people can stop blaming me for the hacks xD
— FUT Donkey (@FUTDonkey) January 5, 2022
I plan to take legal action, they gave my account to a random person via the live chat, a clear breach of data protection laws
Was a fun ride, see u guys in 23 I guess
According to the media, threat actors were able to obtain the players’ Gamertags or PSN ID, then contacted the EA Help via live chat claiming that they have been locked out of their account and ask the support to change the email address associated with their account.
The above social engineering attack could be successful only when the EA Help operators are deceived by the hackers and don’t ask for additional verification.
“However, Mirror Football has been told that on rare occasions, the hackers are able to convince EA Help advisors to agree to change the email associated with accounts and even give out the current email associated with the account, just by stating a Gamertag or PSN ID, without asking for additional verification.” reported the Mirror. “Mirror Football has also seen screenshots of people successfully changing email addresses without additional security verification and without signing in.FIFA 22 FUT Champions Rewards updated with new rewards and four new ranks.”
Upon accessing the victims’ accounts, attackers have access to sensitive, personal information, and this information can be abuse in future attacks.
According to The Mirror, EA will likely work with high-profile streamers to restore their accounts, but pointed out that a large number of FIFA 22 players is claiming that they were hacked and are facing problems in re-gaining the control of their accounts.
Following Mirror Football’s report, EA has now issued the following statement:
“We’ve been made aware of recent account takeover attempts and are currently investigating,” An EA Sports spokesperson told Mirror Football. “More information on how to secure your account, including how to enable two-factor authentication, can be found here: https://help.ea.com/en/help/account/how-to-maintain-account-security/ .”
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, EA Sports FIFA 22)
[adrotate banner=”5″]
[adrotate banner=”13″]
