Security Researcher Finds Valve Exploit, Receives $7500
Gaming

Security Researcher Finds Valve Exploit, Receives $7500

PC: Valve

A security researcher  named drbrix at Hackerone found an exploit in Valve’s Steam Wallet system, according to a report by Kotaku.

The exploit in question was very specific, requiring the user to change their email to include “amount100” and use a Smart2Pay payment method. However, if done correctly, users would be able to add funds to their account of any amount, intercept the POST request, and add value to the Steam Wallet. This would mean that malicious actors could in theory receive free games and sell Steam Keys at lower than market value. The full description can be read here.

It was first reported to Valve on August 9th, and then made public on August 10th. Valve has since fixed the exploit and paid drbrix $7500 for reporting the issue.

It is not uncommon for companies to pay those who find exploits in their systems. In many cases, these hacks could lead to large loss of data, revenue, etc. that would incur much larger payments than this small compensation.

Subscribe to our website and stay in touch with the latest news in technology.

Security Researcher Finds Valve Exploit, Receives $7500
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To Top