Researches have discovered a loophole in an Origin feature which deals with links to games users have downloaded allowing for a targeted machine to be infected with malicious code as reported by the BBC.
The exploit of EA's store client exposes up to 10 million people with Origin accounts to potential hacking, to date it does not appear hackers have used this feature to corrupt gamer's computers.
EA have confirmed they are investigating the vulnerability. ReVuln security experts Donato Ferrante and Luigi Auriemma discovered the loophole in Origin's syntax which is used to regulate the way in which games are stored on a computer to allow them to be quickly played on start-up.
"An attacker can craft a malicious internet link to execute malicious code remotely on [the] victim's system, which has Origin installed," the duo wrote in their report on the exploit.
The researchers noted that hackers looking to infect devices using this method needed some personal information however they warned that this could be circumvented as Origin does not prevent repeated attempts at guessing user data.
Ferrante and Auriemma revealed the loophole at the Black Hat Europe conference using a Windows PC running Origin and a copy of the recently released EA title Crysis 3 which they infected and assumed control of using this method.
EA have said they are looking into all possible Origin vulnerabilities.
