The site was used to "phish" - illegitimately request and store user information - for Apple ID usernames, passwords, and more information ideal for fraud and identity theft.
The compromised server, which hosts two websites in the EA domain, is running outdated software with known security exploits, which likely allowed hackers to gain access. Netcraft detailed the process used in the phishing scheme:
The phishing site attempts to trick a victim into submitting his Apple ID and password. It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a fraudster. After submitting these details, the victim is redirected to the legitimate Apple ID website.
Netcraft said that the compromised site was still online a day after it notified EA. The publisher toldVG24/7that it was unable to confirm the specific claims but it took " immediate steps to disable any attempts to misuse EA domains."
EA's Origin service was taken offline by a DDoS attack in January, preventing players from logging into the PC version ofBattlefield 4.