Forum Discussion

NizBotIO's avatar
NizBotIO
Rising Rookie
2 months ago

Concerns Regarding EA App and Javalin AC

Hi Guys,

I have some concerns relating to the security of the "EA App" including: EA Desktop, EA LocalHost, EA BackgroundService, EACefSubProcess, and EA AntiCheat.

These are my concerns: Whilst playing any EA game on my desktop for this example lets say BF2042 I notice a large number of IP connections and data transfer to/from various external IP addresses unrelated to the concurrent BF2042 connections. This concerns me for more than one reason:

  1. My EA app is set to not auto update.
  2. My EA app is set to not download during gameplay.
  3. My EA app is bandwidth limited for updates.
  4. My EA app's Overlay is disabled.
  5. My EA app seems to ignore these settings and shares many MB/s of data with these external IP's during a gaming session.
  6. The external IP's do not seem to match that of the game being played, such as BF2042 
  7. I'm concerned that your APP Suite inc EAAC is insecure, as occasionally during game play my Keyboard gets disconnected, and it's only when your app and games are running, Xbox Games do not display this same behaviour and I do not use a controller for these.
  8. I'm concerned that you are using peoples available hardware resources for some kind of mining/folding/compute servicing, which would raise legitimate criminal concerns, you see if you are doing so, then you are stealing from your customers, using their hardware and costing them money (Energy Bills) for your own gain, could be considered theft in many countries. (I'm hoping this isn't the case.)
  9. The Disconnection of peripherals comes from the fact your anti-cheat uses a Kernel-Mode driver and has FullTrust access to all machines that could potentially be accessed, abused by an attacker. 
  10. Your Anti-cheat service seems to update, after every Microsoft update to windows and windows security, which seems too coincidental IMO. Like you have patched Microsoft's own measures on their OS so that your Kernel-Mode driver can still have FullTrust.

 

I could be barking up the wrong tree, but it does seem awfully suspicious that when your software is running these are the problems that I have and the pattern I see when on a gaming session.

7 Replies

  • Interesting that this is so quiet and no one else has concerns or wants to speak up about it....

  • Strange how they do not want to defend themselves or comment on this, how funny.

  • How do you know which IP addresses are specifically for BF2042? Also, there are legitimate reasons for it to be sending data to non-BF2042 addresses. Sending monitor screenshots to EA for anti-cheat purposes and communicating with Origin servers for example.

    If your keyboard is getting disconnected during gameplay, it's likely that your keyboard uses an insecure driver and Javelin is disabling it. Many RGB applications such as OpenRGB use the WinRing0 driver, which is known to be exploitable and gets blocked in a lot of kernel-level anti-cheat systems (not just Javelin). Try uninstalling any additional peripheral software that your keyboard manufacturer might've installed.

  • NizBotIO's avatar
    NizBotIO
    Rising Rookie
    2 months ago

    Thanks for the Information, regarding the keyboard.. but alas I do not have any additional software or drivers on the PC for the peripherals, I also changed keyboard to see if in fact it was an issue with my original keyboard, and well it is not, again which is strange, as it happens with both for no apparent reason.

  • Loomeh25's avatar
    Loomeh25
    New Novice
    2 months ago

    Thanks for the update. Here are some things you could try which would help with figuring out the issue:

    1. Running a full scan inside Windows Defender to confirm that there's no malware interfering with your system
    2. Testing other KLAC-protected games (such as Fortnite, Apex Legends, R6:Siege, GTAV, League of Legends and VALORANT) to confirm if this is an issue with KLACs in general on your machine or just Javelin.

  • NizBotIO's avatar
    NizBotIO
    Rising Rookie
    2 months ago

    Thanks again for the further information, I would like to install iCue for my peripherals, do you know if there are any known issues between iCue and the EA KLAC ? 

  • Honestly, the Anti-cheat is not working, not in the slightest.

    ADD_MORTAR_TOBF5 has been reported in-game by most of our team (32 players) on Conquest, after he teleported from his spawn to E1 in Stadium and then proceeded to wipe out the entire team with a PP-29 single shot non headshot and unlimited ammo. 

About EA app General Discussion

Got EA app questions? Let's chat here!1,633 PostsLatest Activity: 36 minutes ago