{"id":325492,"date":"2021-08-16T15:20:42","date_gmt":"2021-08-16T12:20:42","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/unlimited-steam-wallet-flaw-fixed\/"},"modified":"2021-08-16T15:20:42","modified_gmt":"2021-08-16T12:20:42","slug":"unlimited-steam-wallet-flaw-fixed","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/unlimited-steam-wallet-flaw-fixed\/","title":{"rendered":"#Unlimited Steam Wallet Flaw Fixed"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3849435881d\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3849435881d\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/unlimited-steam-wallet-flaw-fixed\/#The_Flaw\" >The Flaw<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/unlimited-steam-wallet-flaw-fixed\/#Response_by_Valve\" >Response by Valve<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#Unlimited Steam Wallet Flaw Fixed<\/strong>&#8221;<br \/>\n<strong>Valve<\/strong> is a massive corporation in the world of gaming, and <strong>Valve\u2019s Steam<\/strong> is one of the most popular digital <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/game\/\" data-internallinksmanager029f6b8e52c=\"7\" title=\"Game\" target=\"_blank\" rel=\"noopener\">game<\/a> distribution websites. When a company gets as big as Valve is, any security threats can cause huge financial and reputation losses. This is exactly what recently h<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ened with Valve, and they might have suffered considerable financial losses.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"The_Flaw\"><\/span><span style=\"color: #ff0000\"><strong>The Flaw<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<figure id=\"attachment_11560\" aria-describedby=\"caption-attachment-11560\" style=\"width: 810px\" class=\"wp-caption alignnone\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-11560 size-full\" src=\"https:\/\/www.spieltimes.com\/wp-content\/uploads\/2019\/07\/steam-logo.jpg\" alt=\"Steam logo\" width=\"810\" height=\"456\"><figcaption id=\"caption-attachment-11560\" class=\"wp-caption-text\">Courtesy of Valve<\/figcaption><\/figure>\n<p>A security researcher called \u201cdrbix\u201d on HackerOne discovered an exploit in the Steam wallet on the platform. It was a security flaw that could allow gamers to boost their in-game Steam wallet balances by artificially increasing the value of deposits.<\/p>\n<p>HackerOne is a vulnerability coordination platform that connects businesses with penetration testers and cybersecurity researchers. It is like a bounty website where such researchers can make big corps like Valve aware of such flaws and collect some money in return.<\/p>\n<p>Dribix described how an attacker could modify their Steam account email to an address that includes the term \u201camount100\u201d. After that, they could apply to add funds to their wallet by selecting an option that relies on Smart2Pay as the payment method. Then they could go ahead with a small minimum payment of $1, which could later be edited to a greater amount by intercepting the transaction. You can read the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/hackerone.com\/reports\/1295844\">full report here<\/a> for a better understanding.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"Response_by_Valve\"><\/span><span style=\"color: #ff0000\"><strong>Response by Valve<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-16118 size-full\" src=\"https:\/\/www.spieltimes.com\/wp-content\/uploads\/2020\/03\/20200323_141832_MixedReality.jpg\" alt=\"\" width=\"1920\" height=\"1080\"><\/p>\n<p>First of all, upon confirmation of the issue, Valve offered $7,500 as the bounty payment to Dribix. Apart from this, Valve thanked the researcher for his efforts and for sharing the issue. Next, Valve upgraded the bug to \u201cCritical\u201d severity and recognized its potential to cost financial losses. Dribix earlier posted it as a medium severity issue. But it is a much severe issue as an attacker can generate loads of money by this method. After that, he could break the Steam market by selling game keys at a cheaper price.<\/p>\n<p style=\"text-align: center\"><em><span style=\"color: #ff0000\">\u201cThanks to the person who reported this bug we were able to work with the payment provider to resolve the issues without any impact on customers,\u201d<\/span><\/em> Valve said.<\/p>\n<p>As of now, Valve hasn\u2019t revealed if any such attacks have been made on it, but it did acknowledge that it is a severe security flaw. This comes at a time when Valve\u2019s Steam Deck is about to roll out into regular use, and Valve will not want to lose money or reputation right now.<\/p>\n<p>If you have any other questions regarding the world of gaming, feel free to ask in the comments below. For more content related to gaming, stay with us, here at Spiel Times.<\/p>\n<p>Make sure you subscribe to our push-notifications and never miss an update from the world of video games. Until next time, <span style=\"color: #ff0000\"><strong>Stay Safe and Happy Gaming!<\/strong><\/span><\/p>\n<p>The post Unlimited Steam Wallet Flaw Fixed appeared first on Spiel Times.<\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/game\/\" target=\"_blank\" rel=\"noopener\">Game <\/a><\/span>category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.spieltimes.com\/news\/unlimited-steam-wallet-flaw-fixed\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#Unlimited Steam Wallet Flaw Fixed&#8221; Valve is a massive corporation in the world of gaming, and Valve\u2019s Steam is one of the most popular digital game distribution websites. When a company gets as big as Valve is, any security threats can cause huge financial and reputation losses. This is exactly what recently happened with Valve,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":325493,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.spieltimes.com\/wp-content\/uploads\/2019\/07\/steam-logo.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-325492","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-game"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/325492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=325492"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/325492\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/325493"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=325492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=325492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=325492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}