Valve Rewards Money to Individuals Reporting Steam's Vulnerability 1
0 0
0 0
Read Time:1 Minute, 24 Second

The vulnerability of Steam, which officially provides free balance to users, was recently discovered by a security researcher. Valve rewarded the person who found this vulnerability, which could cause great damage, with a minimum of 1 salary.

The vulnerability uncovered by the researcher allowed users to top up their Steam wallet balances for free. The person who noticed this informed Valve about the situation. The problem is fixed, if the security researcher received a $7,500 prize.

Security researcher probably saved Steam from a huge waste

Valve Rewards Money to Individuals Reporting Steam's Vulnerability 2

A security researcher found under the name ‘drbrix’ on a site called HackerOne, on Steam who tricked them into loading money into their wallets discovered a vulnerability. The vulnerability, which can be exploited by creating a fake ‘Smart2Pay’ payment, was shared by ‘drbrix’ in detail on HakcerOne.

The researcher said that the vulnerability could cause major problems on Steam; Steam shop can be crashed with free shopping or added a warning that a user can sell the games they bought for free at the end of the post. A Valve official who saw the post thanked him and reported that they started working on the problem. After the problem was resolved, Valve sent $7,500 as a reward to the person who found this huge flaw. Judging by the comments of the post, this award made ‘drbrix’ very happy. However, if he had not reported it himself, Valve could have suffered a great loss.

Valve has not made a statement about whether this vulnerability has been exploited by a hacker so far. But even if he had used it, we think that if there was a significant loss, the company would have noticed it.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.