Introduction

It’s been covered pretty extensively for such a simple routine update, so here’s a quick summary from zdnet: “..with the way EA had implemented the trust mechanism, researchers found it was possible to redirect users to login via the hijacked subdomain.”

Mitigation

If you sell or give-up a domain you previously own, it’s best to not continue to reference it. If you see communication that appears it came from EA, it’s best to just type (or use an existing bookmark) to visit their site to prevent accidentally visiting a compromised sub/domain.

Source | Photo by Pixabay from Pexels