Business

Valve Starts New Reward Scheme Which Pays Hackers to Identify Exploits and Vulnerabilities

Ross Deason

Valve have rolled out a new bounty scheme which will reward people that find and report any security exploits in their various services and networks with cash.

Sometimes referred to as “bug bounties”, security schemes that reward “ethical hackers” with cash have proven to be successful for numerous big companies in recent years.

[ad name=”article1″]

When we say big, we mean big, Everyone from Google to Apple has started to run similar programs which attempt to stop hackers from leaking information elsewhere by offering a cash incentive if the hacker follows their guidelines and only reports exploits to them.

Believe it or not these bug bounties have proven to be extremely successful and now Valve have decided to throw their hat into the ring with a number of different rewards available depending on the severity of the exploit.

[ad name=”article2″]

Valve are using HackerOne for the new bount scheme and say “We are running this HackerOne bounty program to reward researchers for identifying potential vulnerabilities.”

The various rewards for exploits range from $200 to $3,000 and can come from any of the domains or services listed in the scope below.

Scope

The current scope is limited to the domains and pieces of software listed here:

  • steampowered.com, steamcommunity.com, steamgames.com, valvesoftware.com, counter-strike.net, dota2.com, teamfortress.com and sub-domains, excluding domains explicitly removed in the scope section below
  • Steam Client for Windows, Mac and Linux
  • Steam command line utility (SteamCMD)
  • SteamOS
  • Steamworks SDK
  • Steam mobile app on iOS and Android
  • Steam Servers
  • Valve game titles
  • Multiplayer and in-game economy aspects of Valve game titles and dedicated game servers

Please note that game bugs, glitches or gameplay exploits are not part of the bug bounty program, but can still be submitted on our Support site.

No authorization is given to test any other web applications, game titles or mobile applications. No bounties will be given for any disclosures relating to any applications outside the scope of this program.

[ad name=”article3″]

It will be interesting to keep an eye on the HackerOne page and see just how many exploits are found and fixed in the coming months.

According to the website, over $100,000 has already been paid out and 39 hackers have already been “thanked” (which presumably means they identified an exploit).

The payout table can be found below.

HackerOne

About The Author

Ross Deason

Ross is a former Dexerto writer and editor. Ross joined Dexerto in 2017 as a CSGO and Call of Duty writer after completing his History degree. He later became the Acting Head of Editorial at Dexerto but failed in his mission to become a Counter-Strike pro. Maybe it's time to retire and give Valorant a try.

keep reading
Bobby Kotick with TikTok logo
TikTok
Ex-Activision CEO Bobby Kotick looks to buy TikTok amid shutdown fears
Shay Robson
Cloud9 LCS 2023
Esports
Cloud9 CEO claims org is making a profit despite 2023 esports winter
Declan Mclaughlin
otk charity stream
Entertainment
Millions in Twitch charity stream donations allegedly never paid to the charity
Calum Patterson
CS2 case
Counter-Strike 2
Valve ordered to refund $15k to CS:GO player as cases ruled ‘illegal’ in Austria
Calum Patterson
Sign up to Dexerto for free and receive:
Fewer Ads|Dark Mode|Deals in Gaming, TV and Movies, and Tech