arandomdude

Thanks for the response. The player has exploited this bug 2 times, with 1 other failed attempt. The fail happened in between the 2 successful attempts and the player is confident that they know what triggered the failed attempt. After looking back over the data that I have, it appears that I have overstated the total $$ involved in the 2 successful attempts. Originally I said $10k. It's actually closer to $6-7k.

Thanks for your response. "Bug" may not be the correct term. There is zero manipulation of any of the casinos assets or any of the data exchanged between user account and casino. No fraudulent deposits or anything like that. It's a completely legal game mechanic that their software doesn't seem to know how to handle. This is why it can't be exploited more often. Any how, if the casino doesn't want to compensate a person for pointing out a vulnerability in their internal process that will ultimately cost them a lot of money (a very common practice in most industries), that's their decision and everyone is okay with that on this end. The player is content with his/her ability to get compensated on a long term payment plan from the casino and also quite sure that they won't get caught.

Hi. Someone that I know has discovered a "bug" in one of the major casino's payout systems. This person has been able to use this bug two times over a six month period which resulted in about $10k of payments, total. That demonstrates that the exploit is repeatable and that it's been around for at least 6 months. The reason that this person hasn't done it more often is because it is a very specific set of circumstances that must present themselves in order to exploit the bug. While the circumstances may be very specific, they aren't necessarily rare and it would be safe to assume that the circumstances could be created more frequently if one were to really try. This bug also isn't caused by a certain game studio. It is 100% a vulnerability in this casino's systems. The person who discovered this would like to tell the casino, but also feels like they should be compensated for something like this. It's pretty standard practice in many industries to pay people for discovering bugs or vulnerabilities in their processes or systems. This person feels that this isn't any different. If that person, who is a pretty small stakes gambler was able to take advantage of it, there's no telling how many more also have or will in the future. The person would like to be able to tell the casino about the bug, receive immunity from any penalties (financial or legal) related to the bug, fair compensation for the information. Does anyone have any helpful info for this person? Thanks.