Update: EA said in a statement that it’s investigating the reports (via TheVerge):
“Privacy and security are of the utmost importance to us, and we are currently investigating this report… We’ve taken immediate steps to disable any attempts to misuse EA domains…”
According to a report from internet security and research company Netcraft, hackers have compromised an EA Games server and are currently using it to host a phishing site that steals Apple IDs and more from unsuspecting users. The company published its report today and says it contacted EA yesterday to report the discovery, but as of publishing the compromised server and the phishing site stealing Apple IDs were still online.
Netcraft claims the phishing site being hosted on EA’s servers not only asks for an Apple ID and password but also the user’s “full name, card number, expiration date, verification code, date of birth, phone number, mother’s maiden name, plus other details that would be useful to a fraudster.” Netcraft also reports that EA Games is being targeted in other phishing attacks that are attempting to steal user data from its Origin game distribution service:
After submitting these details, the victim is redirected to the legitimate Apple ID website at https://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/… As well as hosting phishing sites, EA Games is also the target of phishing attacks which try to steal credentials from users of its Origindigital distribution platform. For example, the following site — which has been online for more than a week — is attempting to steal email addresses, passwords and security question answers.
While Netcraft is unsure of how the server was compromised, it speculates that an outdated version of WebCalendar 1.2.0 software (that has been patched since) running on the websites stored on the compromised servers could have provided a vulnerability for the attackers.