Game

#Unlimited Steam Wallet Flaw Fixed

Table of Contents

#Unlimited Steam Wallet Flaw Fixed
Valve is a massive corporation in the world of gaming, and Valve’s Steam is one of the most popular digital game distribution websites. When a company gets as big as Valve is, any security threats can cause huge financial and reputation losses. This is exactly what recently happened with Valve, and they might have suffered considerable financial losses.

The Flaw

Steam logo
Courtesy of Valve

A security researcher called “drbix” on HackerOne discovered an exploit in the Steam wallet on the platform. It was a security flaw that could allow gamers to boost their in-game Steam wallet balances by artificially increasing the value of deposits.

HackerOne is a vulnerability coordination platform that connects businesses with penetration testers and cybersecurity researchers. It is like a bounty website where such researchers can make big corps like Valve aware of such flaws and collect some money in return.

Dribix described how an attacker could modify their Steam account email to an address that includes the term “amount100”. After that, they could apply to add funds to their wallet by selecting an option that relies on Smart2Pay as the payment method. Then they could go ahead with a small minimum payment of $1, which could later be edited to a greater amount by intercepting the transaction. You can read the full report here for a better understanding.

Response by Valve

First of all, upon confirmation of the issue, Valve offered $7,500 as the bounty payment to Dribix. Apart from this, Valve thanked the researcher for his efforts and for sharing the issue. Next, Valve upgraded the bug to “Critical” severity and recognized its potential to cost financial losses. Dribix earlier posted it as a medium severity issue. But it is a much severe issue as an attacker can generate loads of money by this method. After that, he could break the Steam market by selling game keys at a cheaper price.

“Thanks to the person who reported this bug we were able to work with the payment provider to resolve the issues without any impact on customers,” Valve said.

As of now, Valve hasn’t revealed if any such attacks have been made on it, but it did acknowledge that it is a severe security flaw. This comes at a time when Valve’s Steam Deck is about to roll out into regular use, and Valve will not want to lose money or reputation right now.

If you have any other questions regarding the world of gaming, feel free to ask in the comments below. For more content related to gaming, stay with us, here at Spiel Times.

Make sure you subscribe to our push-notifications and never miss an update from the world of video games. Until next time, Stay Safe and Happy Gaming!

The post Unlimited Steam Wallet Flaw Fixed appeared first on Spiel Times.

If you liked the article, do not forget to share it with your friends. Follow us on Google News too, click on the star and choose us from your favorites.

For forums sites go to Forum.BuradaBiliyorum.Com

If you want to read more News articles, you can visit our Game category.

Source

Related Articles

#Little Nightmares II Review — Creepy, Bizarre, and Brilliant

# Disney Dreamlight Valley ‘A Festival of Friendship’ update now available

# Disney Dreamlight Valley ‘A Festival of Friendship’ update now available

# This Week’s Japanese Game Releases: Resident Evil Village, more

# Touken Ranbu Warriors for Switch coming west on May 24, 2022

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close

Please allow ads on our site

Please consider supporting us by disabling your ad blocker!