How Hackers Used Slack to Break into EA Games

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token, Motherboard has learned.


This is a companion discussion topic for the original entry at https://www.vice.com/en_us/article/7kvkqb/how-ea-games-was-hacked-slack
1 Like

For all the hand-wringing about supply chain attacks, plain old social engineering continues to be the most effective tool in the hacker arsenal.

4 Likes

Cheaper and easier than attempting to decompile and unobfuscate the code.

4 Likes

As someone who always laughs at the annual web security trainings. Apparently some folks really need to pay attention during those.

sometimes it just takes one brain fart randomly for this stuff to happen. To out myself as having a quasi one of these, a couple of years ago, i randomly responded to a Spam email from my " bosses boss" that was talking about how they needed to talk to me about something and to email back to set up a meeting, and half paying attention, i just fired back a “yeah sure what’s up, what date/time works?” and then immediately got an email back about how it would be awesome if i got some amazon gift cards for them, which made me immediately facepalm. Nothing bad came of it, i reported it and blocked the email, but It just takes a distracted couple of minutes and it can happen.

6 Likes