Gamers using Electronic Arts's (EA) Origin game store could fall victim to a hack attack that swaps games for malicious code.
Security company ReVuln claims to have discovered a loophole in the way that Origin handles links to download games. The vulnerability potentially enables hackers to run code that compromises a target machine.
However, it is not thought that the loophole has been used by hackers, and the flaw is being investigated by EA.
Origin is EA's distribution system via which users can buy, download and manage its games, as well as a discussion forum.
The system has the ability to keep track of where games are found on a computer to speed up how quickly they can be started. But acucording to the researchers, hackers can set up a malicious web link to plant the code on users' machines. Hackers need identifying information about players to exploit the loophole, but this is made easy by the fact that Origin does not prevent further attempts to guess this information.
ReVuln advises gamers to protect themselves by starting games directly from Origin, rather than launching games via desktop shortcuts.
