Imagine discovering a bug that lets you keep every game you refund – and instead of getting banned, you walk away with $4,000 in free games from Valve.
Actually, the saying goes "honor among thieves," but since we don’t want to say a bad word about the good guys at Valve, let’s go with "honor for thieves," apparently. A recent Reddit post has sparked discussions about a curious case where a Steam user discovered a major bug that could have allowed them to amass games for free. Instead of exploiting it, they reported the issue – and got an unexpected reward. But was this a rare act of generosity, or just smart business from Valve? Here’s everything you need to know about this curious case.
Bug Exploited, Valve Rewards
A Reddit post by user Juzmeski has gone viral, amassing over 14,000 upvotes. It tells the story of Sonix, a Steam user who discovered a bug allowing him to keep games after refunding them. Rather than exploiting the bug for personal gain, Sonix decided to report the issue to Valve. In an unexpected move, Valve decided to reward Sonix for his honesty and allowed him to keep the games – a gesture that has sparked widespread discussion about Valve's approach to bug reports and ethical behavior.
Many users on Reddit celebrated Valve’s decision, seeing it as a positive example of a company doing the right thing. However, others pointed out that this might have been a strategic move to avoid more widespread exploitation of the bug. The decision to reward Sonix rather than punish him for discovering the flaw in the system has been interpreted as both a generous act and a smart business move. This story highlights the balancing act that companies like Valve face when dealing with security flaws and user behavior. This kind of refund bug is actually very well-known to retailers like Amazon. However, you're not rewarded for pointing it out, but likely end up in prison or, worse, working in Amazon's warehouse.
On Valve's HackerOne page, you can find an overview of what has been paid out since March 2018, including detailed reward categories based on the severity of the bug. The rewards range from $100 to $7,500 depending on the criticality of the issue.
Sonix’s Massive Steam Collection
Sonix’s Steam library is nothing short of extraordinary, with an astounding 37,474 games, making him one of the largest collectors on the platform. In addition to the vast number of games, he owns 20,898 DLCs, further demonstrating his dedication to the Steam ecosystem. His wishlist is equally impressive, with nearly 23,000 games waiting to be added to his collection. Despite the overwhelming size of his library, Sonix dedicates 76% of his playtime to Dota 2, showing that even with thousands of games at his disposal, he remains loyal to his favorite title.
With a Level 299 account and 105 badges, Sonix has earned his place among the most dedicated and seasoned players on Steam. His profile is a testament to his commitment, not just to collecting games, but to actively engaging with the Steam community. This massive collection and his continued focus on Dota 2 have made him a well-known figure, both for his gaming achievements and his unusual encounter with Valve’s bug bounty system.
The questions that remain unanswered are: Did Sonix also receive the bounty since his case occurred before the creation of the HackerOne website? And why did it take three years after this incident to launch such a platform?
Do you have hacking skills and use them to enrich yourself online? Share it with your IP address in the comments!