Valve Pays $20,000 To Hacker For Uncovering Major Exploit

Bug Discovered That Generated Free Game Keys

A hacker named Artem Moskowsky found a major exploit on Steam that could generate thousands of game keys for any game. Instead of using this knowledge to cripple Valve, he reported it directly to them. In return, Valve offered him a $20,000 payday. Not a bad trade, all things considered.


The bug was discovered back in August, but Valve didn’t go public with the information until very recently. They posted about the major exploit on HackerOne, stating that no evidence of misuse had been discovered by their team. Moskowsky claimed otherwise, pointing to 36,000 keys he conjured for Portal 2.

Apparently all it took was access to a set of Steam’s developer tools. Moskowsky used these, in conjunction with a very specific set of parameters, to gin up Steam keys for any game on the store front. This isn’t even the first time that Moskowsky has performed this service for Valve, with previous efforts netting him $25,000 for another single exploit. It just goes to show that crime doesn’t pay nearly as well as stopping crime. I mean, so long as the crimes in question are being committed against a massive tech company with deep pockets and a lot to lose.