A hacker found a way to get unlimited money on Steam


    Steam logo on the image of Wario celebrates in a large pile of gold.

    picture: Valve / Nintendo / Kotaku

    A security researcher on Hackerone recently presented a vulnerability that can be used on Steam to earn unlimited money. The vulnerability has since been patched by Valve and the company has awarded the user who discovered this exploit $7,500.

    hacker It is a site that connects companies like Valve with users who want to hack and tamper with websites, apps and other software. These people can offer exploits and hacking to companies privately, and then in return, these tech companies can give hackers money for their discoveries. It’s a system He has a proven track record of helping bad squash exploits before being presented to the public.

    On August 9 hacker User Drbrix has specifically alerted Valve to the Steam Wallet exploit which included changing your email address and intercepting transactions using any Smart2Pay payment method. You can read about the full attack method and how it works with the Hackerone report, which was published on August 1 and was spotted by Daily Swig And NME After a few days.

    Posted by Drbrix in hacker Transfer.

    As you might expect, Valve responded quickly to Drbrix’s post. A Valve employee on the site called JonP Drbrix thanked for their discovery and explained that Valve has quickly verified what they reported and is taking steps to fix the issue. A follow-up letter from JonP made it clear that the report was “clearly written” and “helpful in identifying real business risks.”

    Valve then paid Drbrix $7500, which is nice, but it doesn’t seem enough. If this exploit was made public or shared with a few small groups of people, it could have cost Valve more than $7,500. Come on valve. last year, Riot was offering people $100,000 to find them valuation exploits.

    After everything was squared off and fixed, Valve and Drbrix released the full report to the public. At this time, we don’t know if anyone will be able to use this exploit before we notify and correct Valve.

    (free: Eurogamer)


    Leave a reply

    Please enter your comment!
    Please enter your name here