Browser-Based iOS 9.1/9.2 Jailbreak Wins $1M Bounty, Will Be Sold for Corporate and Government Use

by

remotejailbreakEarlier this month, exploit acquisition platform Zerodium debuted an iOS 9 bug bounty that would pay out up to three million dollars to hackers who managed to develop a browser-based untethered jailbreak for iOS 9, which it could then sell to clients interested in shelling out a lot of money to gain illicit access to iOS devices.

The contest expired at the end of October, and Zerodium today announced one hacking team had successfully created a browser-based jailbreak for iOS 9.1 and iOS 9.2, the latest versions of iOS 9, earning $1 million.

Zerodium foundar Chaouki Bekrar told Wired that the exploit developed by the hackers will be given to its customers, which include major technology, finance, and defense corporations, along with government agencies. The contest rules required the exploit to be achievable remotely without requiring user interaction beyond reading a text message or visiting a website via Chrome or Safari on an iOS device.

Bekrar confirmed that Zerodium plans to reveal the technical details of the technique to its customers, whom the company has described as "major corporations in defense, technology, and finance" seeking zero-day attack protection as well as "government organizations in need of specific and tailored cybersecurity capabilities."

Because it's selling the jailbreak ("likely" to U.S. customers only), Zerodium does not plan to report the vulnerabilities in the operating system to Apple, though Bekrar says the company may share the details at a later date. The jailbreak also won't be provided to the general public, but Bekrar says Zerodium announced the results of the contest to remind people that while iOS security is "very hardened," it's not unbreakable.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Zerodium, jailbreak

Top Rated Comments

locoboi187 Avatar
locoboi187
77 months ago
This is very very bad. This is going to be abused by either our government or another malicious party. For example, all one would need to do is inject the exploit in an unencrypted WiFi to gain complete control over a phone since this is a browser based hack.
Score: 26 Votes (Like | Disagree)
KALLT Avatar
KALLT
77 months ago
Folks, this is just a jailbreak, it's neither illegal, nor can it be applied to a phone whose owner doesn't want it, just like all the other jailbreaks over the years.
The contest rules required the exploit to be achievable remotely without requiring user interaction beyond reading a text message or visiting a website via Chrome or Safari on an iOS device.
What do you think a jailbreak is? It's just a fancy name for an exploit that you want to use. If applied against your will or without your knowledge it is simply malware.
Score: 21 Votes (Like | Disagree)
2457282 Avatar
2457282
77 months ago
Hopefully, Apple who is sneaky is actually one of the customers and will plug the hole quickly. Yes wishful thinking, we might get a plug if the hole goes public and then probably in iOS 10. (SMH)
Score: 15 Votes (Like | Disagree)
jim.arrows Avatar
jim.arrows
77 months ago
Buy Apple they said. It's secure they said.
The fact that they're offering $1M for someone to develop the breach should make you feel very good about the overall security of the system... if it was easy nobody would pay $1M for it.
Score: 14 Votes (Like | Disagree)
sirdir Avatar
sirdir
77 months ago
uninstalling Chrome browser on my iPhone today.
the winning team for the hack probably gains entry through the Chrome browser, not Safari on iOS.
As Chrome is forced to use webkit as a renderer, I don't think it makes a diference what browser you're using.
Score: 13 Votes (Like | Disagree)
Speedman100 Avatar
Speedman100
77 months ago
Um is this like legal?
Score: 12 Votes (Like | Disagree)
Read All Comments

Top Stories

m1x mac mini screen feature

High-End 'M1X' Mac Mini With New Design and Additional Ports Expected to Launch in the 'Next Several Months'

Sunday August 22, 2021 5:59 am PDT by
Apple can be expected to launch an updated high-end Mac mini with a new design and a faster "M1X" Apple silicon processor in the "next several months," Bloomberg's Mark Gurman reports. In the latest publication of his Power On newsletter, Gurman writes that a new high-end Mac mini, which has previously been reported to feature a new design with additional ports, can be expected to replace...
Read Full Article396 comments
mac scanner permission error

Apple Says Fix Planned for 'You Do Not Have Permission to Open the Application' Error When Using a Scanner on Mac

Saturday August 14, 2021 6:15 am PDT by
In a newly published support document on its website, Apple has acknowledged an error that some users may receive when they try to use a scanner with a Mac in the Image Capture app, Preview app, or the Printers & Scanners section of System Preferences. A screenshot of the error message from the HP Support Community When attempting to use a scanner with a Mac, Apple said users might get an...
Read Full Article102 comments
macbookpro13large

macOS Big Sur Update Bricking Some Older MacBook Pro Models

Sunday November 15, 2020 5:33 am PST by
A large number of late 2013 and mid 2014 13-inch MacBook Pro owners are reporting that the macOS Big Sur update is bricking their machines. A MacRumors forum thread contains a significant number of users reporting the issue, and similar problems are being reported across Reddit and the Apple Support Communities, suggesting the problem is widespread. Users are reporting that during the...
Read Full Article845 comments
original iphone

Phil Schiller Says iPhone Was 'Earth-Shattering' Ten Years Ago and Remains 'Unmatched' Today

Monday January 9, 2017 7:15 am PST by
To commemorate the tenth anniversary of the iPhone, Apple marketing chief Phil Schiller sat down with tech journalist Steven Levy for a wide-ranging interview about the smartphone's past, present, and future. The report first reflects upon the iPhone's lack of support for third-party apps in its first year. The argument inside Apple was split between whether the iPhone should be a closed...
Read Full Article424 comments
m1 imac orange

New iMac Tidbits: Headphone Jack on Side, Ethernet Port on Power Adapter, Spatial Audio and WiFi 6 Support, No SD Card Slot

Wednesday April 21, 2021 6:38 am PDT by
Apple yesterday announced a completely redesigned 24-inch iMac with the M1 Apple silicon chip. The new iMac, the first major redesign of the Mac desktop computer since 2012, has several changes compared to the previous generation. In the aftermath of the event, a few new features and tidbits may have slipped under the radar, so we’ve compiled this list of some of the less-talked-about...
Read Full Article391 comments
omg lightning cable comparison

Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords

Thursday September 2, 2021 6:59 am PDT by
A normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed, Vice reports. The "OMG Cable" compared to Apple's Lightning to USB cable. The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a...
Read Full Article153 comments
Top Stories 75 Thumbnail

Top Stories: Last-Minute iPhone 13 Rumors, Apple Announces App Store Changes, and More

Saturday September 4, 2021 6:00 am PDT by
The finish line is in sight! Apple's annual iPhone event is likely just a week or so away and all eyes will be on the company as it unveils the next version of its most popular product line. With any luck, we'll also see the next-generation Apple Watch and perhaps even some new AirPods. Other news this week saw Apple making some more changes to its App Store policies in response to a...
Read Full Article34 comments
General YouTube Feature 1

YouTube Premium and Music Surpass 50 Million Subscribers

Friday September 3, 2021 2:19 am PDT by
YouTube says it has passed 50 million subscribers for its Premium and Music subscriptions, making it the "fastest growing music subscription" service in the world, according to YouTube's global head of music, Lyor Cohen. YouTube says that it has more than 50 million paying subscribers collectively across YouTube Premium and YouTube Music. The Google-owned service says it attributes this...
Read Full Article163 comments
iPhone 13 Dummy Thumbnail 2

Full iPhone 13 Feature Breakdown: Everything Rumors Say We Can Expect

Tuesday August 31, 2021 7:50 am PDT by
With the launch of Apple's iPhone 13 lineup believed to be just a few weeks away, we have compiled all of the coherent rumors from our coverage over the past year to build a full picture of the features and upgrades coming to the company's new smartphones. For clarity, only explicit improvements, upgrades, and new features compared to the iPhone 12 lineup are listed. It is worth noting that...
Read Full Article97 comments
apple wallet drivers license

Apple Announces First U.S. States That Will Let You Add Your Driver's License to Your iPhone

Wednesday September 1, 2021 6:15 am PDT by
Apple today announced the first U.S. states that will be rolling out the ability for residents to add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch. Arizona and Georgia will be the first states to support the feature, with Connecticut, Iowa, Kentucky, Maryland, Oklahoma, and Utah to follow, according to Apple. Apple said select TSA security checkpoints in ...
Read Full Article282 comments