Notebookcheck Logo
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Hacker receives US$7,500 bounty for reporting exploit that allowed him to add unlimited funds to his Steam wallet

Steam is the most important digital distribution platform for PC games (Image: Valve)
Steam is the most important digital distribution platform for PC games (Image: Valve)
The hacker who found the critical security flaw in Steam's payment process promptly reported the exploit to Valve and has since been rewarded for his honesty.

A resourceful hacker has discovered an astounding exploit which allowed him to generate an unlimited amount of funds for his Steam wallet without paying the full price for it. The manipulation of Steam's payment process turned out rather simple. In his post on Hacker One, the security researcher explained that all he needed was a specific email address that had to be registered with the Steam account.

To put it simply, the email address only needed to include the term "amount5000". The number after the word "amount" indicates the amount of money that would be deposited into the wallet of the respective Steam account. After the email address is registered, a small US$1 payment had to be initiated to receive the amount of funds that is specified in the email address. The hacker has successfully executed this process only to prove his theoretical elaboration.

The exploit supposedly worked with payment methods that use the smart2pay system. Needless to say, Valve has since fixed the critical security flaw and expressed its gratitude towards the hacker with a bounty payment of US$7,500. This happy ending story illustrates that honest behavior can pay off, even online. After all, the hacker could have decided to buy thousands of game keys with his almost free Steam wallet funds.

Buy a Steam Gift Card on Amazon

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Enrico Frahn
Editor of the original article: Enrico Frahn - Tech Writer - 927 articles published on Notebookcheck since 2021
My fascination for technology goes back a long way to the Pentium II era. Modding, overclocking and treasuring computer hardware has since become an integral part of my life. As a student, I further developed a keen interest in mobile technologies that can make the stressful college life so much easier. After I fell in love with the creation of digital content while working in a marketing position, I now scour the web to bring you the most exciting topics in the world of tech. Outside the office, I’m particularly passionate about motorsports and mountain biking.
contact me via: LinkedIn
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 08 > Hacker receives US$7,500 bounty for reporting exploit that allowed him to add unlimited funds to his Steam wallet
Enrico Frahn, 2021-08-16 (Update: 2021-08-16)