EA Games website hacked
|One of the most popular game company EA Games website hacked. The EA.com server has been compromised by hackers and being used to host a phishing website to steal users Apple ID, usernames, passwords, and credit card information. The new phishing attempt was exposed on Wednesday by security research firm Netcraft. The compromised server is used by two websites in the ea.com domain, and is ordinarily used to host a calendar based on WebCalendar 1.2.0, which contains several security vulnerabilities. It is likely that one of these vulnerabilities was used to compromise the server, as the phishing content is located in the same directory as the WebCalendar application.
The phishing site attempts to trick a victim into submitting his Apple ID and password. It then asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number and other details that would be useful to a hackers. After submitting these details, the victim is redirected to the legitimate Apple ID website.