Valve Pays $20,000 To Hacker For Uncovering Major Exploit
Somewhere deep inside Valve’s labyrinthine compound of Steam-sustaining tubes, wires, and pipes, somebody is thanking their lucky stars for Artem Moskowsky. The self-described “bug hunter” came across a glitch that allowed him to generate thousands of free keys for any game on Steam. A lesser person might have kept that knowledge to themselves. He reported it.
Moskowsky discovered and reported the bug back in August, but Valve only allowed the information to go public recently. For his troubles, the company paid him £15,000 – as opposed to a lifetime of free games, which is what would’ve happened if this was a feel-good episode of a sitcom.
According to a summary by Valve on bug bounty site HackerOne, the bug took advantage of an issue with Steam’s developer tools. Using “specific parameters,” anyone with access to those tools could make the service spit out keys for games that didn’t belong to them.