Exploiting Amazon active vulnerability

How to exploit an Amazon active vulnerability and get access to Prime (& all it’s benefits, including all Prime Video Channels) for free, due to a too extensive grace period of payment.


About a year ago I reported to Amazon a vulnerability which allows a malicious user to abuse the grace period of a prime payment, however this report was closed as informative. According to them, It is an expected behavior, therefore no vulnerability. So here I am to share it to everyone :)

Also, it is not illegal or anything. You can follow this article without any legal problem, no worries, Amazon’s security team gave their word.

What does it do?

By exploiting this vulnerability, you’ll have full access to all prime services (prime gaming, video, music, reading, etc.) and benefits for free.


I know, you may be thinking: nah, this isn’t easy, this must be a complex exploit or something that I won’t be able to follow.

Wrong, this is PRETTY EASY. There is just one thing that you are going to need: a no fund credit card. I got mine from a pre-paid credit card service.


  • Add your no fund credit card to payment methods on Amazon;
  • If you have a Prime payment already configured, change to the no fund credit card;
  • Select 30 days of prime and proceed the payment. While the payment is being processed (which will take 35 days), you’ll be able to enjoy all prime’s benefits
payment being processed for over a month
  • Once the 35 days are over, you’ll receive an email telling you to update your prime payment method. So, what should you do next? Just cancel prime and do the same process all over again (on the same account).

That is the exactly same process for prime video channels like paramount+ or Look or any other.

Thank you for reading this article, up vote (clap) this article to get popularity and let Amazon know that they are messing up with their hacker partners.



Programmer, ethical hacker and pentester. 18 yo.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store