The Slack Technologies Inc. logo is seen on a banner outside the New York Stock Exchange (NYSE) during thew companyís IPO in New York, US June 20, 2019. © REUTERS/Brendan McDermid
The group of hackers who swiped source code from game company Electronic Arts pulled off the stunt by tricking EAís IT support team on Slack, according to Motherboard.
The cyber thieves made off with some 780 gigabytes of data, including the source code for soccer simulator FIFA 21 and its matchmaking server, and the Frostbite engine, which powers most of EAís games - including the Battlefield and Madden franchises. The code has now been put up for sale on the dark web.
Motherboard, which reported the data breach on Thursday, has revealed new details about how the exploit was achieved after making contact with the hackers.
A representative for the hacking collective told the outlet in an online chat that the group purchased stolen browser cookies being sold online for $10, and used the data to gain access to an EA Slack channel. Cookies can sometimes contain sensitive information such as login details.
Once inside the communications platform, the hackers pinged a member of EAís IT support team, explaining that they had lost their phone at a party during the previous night. The ruse was successful, and the hackers were given a multifactor authentication token so that they could login to the companyís corporate network.
Having bypassed the first major obstacle, the hackers were able to burrow deeper into EAís network, accessing services that allowed them to download game source code.
The hackers backed up their story by providing Motherboard with screenshots of the Slack chats. EA later confirmed to the outlet that the timeline of events was accurate.
While chatting with Motherboard, the representative for the hackers furnished a tranche of documents that were allegedly taken during the exploit, including materials concerning Playstation, virtual reality (VR), AI technology and how EA creates digital crowds in its FIFA games.
After the hack went public, EA issued a statement saying that an investigation was underway. No player data was accessed and security improvements were implemented following the incident, the company said. Based in Redwood City, California, EA is known for popular titles such as Battlefield, FIFA, Madden, and The Sims.