Origin and Steam exploits show vulnerability of digital distribution services
Distressing news for EA and users of its Origin digital distribution platform: through no interaction or mistake on the users' part, those who have Origin installed on their computer are vulnerable to the installation of malware. A hypothetical, test attack was successfully demonstrated Friday, during the Black Hat Europe 2013 security conference, though the flaw that allows such exploitation was known about for some time before that.
The exploit involves replacing the link that a game refers to when activated within Origin to a malicious one. Here's how it works: when a game's executable file invokes Origin, it has to reference the platform via a specific URI. Once Origin has started, the actual game process dies, and Origin takes over. This creates another path or tunnel that those so inclined could choose to exploit. If a hacker were to create a program that were to replace the correct URI with a malicious one, they've gained access to your system.
ReVuln Ltd, a company that specializes in researching software security, wrote in a paper dissecting the problem that their suggested course of action is to disable the “origin://” URI, which also disables the ability to run Origin games via desktop shortcuts, though they can still be launched directly from Origin. “Users are strongly encouraged at a minimum,” the paper reads, “to set their browser to prompt when handling these links.”
This isn't limited to EA or Origin. ReVuln also published a paper in October of 2012 detailing the same problem in Steam.