Zero-Day Acquisition Platform Triples iOS 10 Bug Bounty to $1.5 Million

by

Exploit acquisition platform Zerodium has increased its reward for a successful jailbreak of iOS 10 to $1.5 million, far surpassing Apple's recent payout offer for discovering and reporting vulnerabilities in its software.

Late last year, Zerodium briefly offered and paid out $1 million to one hacking team for the successful creation of a browser-based jailbreak for iOS 9.1 and 9.2, but dropped the going rate for an exploit to $500,000.

zerodium
Rather than report the vulnerabilities to Apple, Zerodium said that it would sell the exploit to its customers, which include major technology, finance, and defense corporations, as well as government agencies.

Instead of being limited to a specific timeframe, the new $1.5 million reward is a permanent offer that aims to compensate for Apple's recently hardened security regime, said Zerodium founder Chaouki Bekrar.

We've increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time.

At the same time, Zerodium's decision to up its bug bounty can be seen as a response to the imminent launch of Apple's own program.

Last month at the annual Black Hat Conference, Apple announced the launch of an invite-only Security Bounty Program that would offer rewards of up to $200,000 to researchers depending on the vulnerability discovered. Apple said the program would be limited to a few dozen researchers and would go live in September.

Earlier this week, several news media outlets were seemingly duped into reporting on an alleged 'secret' meeting of prominent hackers at Apple's Campus in Cupertino, which was supposed to include a briefing on the company's bug bounty program. The meeting was apparently a hoax perpetrated by the hackers themselves.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Zerodium, Jailbreak
Related Forum: iOS 10

Top Rated Comments

Hanzu Lao Avatar
Hanzu Lao
94 months ago
Why should not this be legal ?
If i sold a vulnerability of you home alrm system to someone would you like that?
Score: 26 Votes (Like | Disagree)
Abazigal Avatar
Abazigal
94 months ago
If i sold a vulnerability of you home alrm system to someone would you like that?
Just because I don't like something doesn't automatically make it illegal.
Score: 26 Votes (Like | Disagree)
indychris Avatar
indychris
94 months ago
You know, if Apple played their cards right, they could contract someone to work on their behalf and get $1.5Million of of Zerodium's money and directly benefit Apple. In fact, a truly conniving company could create a hidden 'vulnerability', sell it to Zerodium, fix the code right away and sink the potentially sabotaging company.
Score: 24 Votes (Like | Disagree)
Hanzu Lao Avatar
Hanzu Lao
94 months ago
How is this even legal?
Score: 20 Votes (Like | Disagree)
VulchR Avatar
VulchR
94 months ago
How is this even legal?
My thoughts exactly. This is a national security issue, not some business deal. We have the Patriot Act, but no legal requirement to report potential security vulnerabilities to the companies that make hardware and software?

Anybody who takes this 'bounty' should be held legally liable, along Zerodium, for any damages caused by a customer exploiting a bug...
Score: 16 Votes (Like | Disagree)
Peace Avatar
Peace
94 months ago
"Rather than report the vulnerabilities to Apple, Zerodium said that it would sell the exploit to its customers, which include major technology, finance, and defense corporations, as well as government agencies."

Did anybody not see this part ?
Score: 14 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 17

iOS 17.2 Will Add These 12 New Features to Your iPhone

Friday December 1, 2023 12:19 pm PST by
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
Read Full Article
anker new xmas 1

Anker's Cyber Week Sale Enters Final Days With Up to 60% Off Sitewide

Friday December 1, 2023 12:05 pm PST by
Anker's Black Friday/Cyber Week event is entering its final days this weekend, and it's still offering up to 60 percent off sitewide. There are also a few "mystery boxes" that can include hundreds of dollars in savings, if you're willing to risk not knowing what you're buying ahead of time. All of these sales will end on December 3. Note: MacRumors is an affiliate partner with Anker. When you...
Read Full Article19 comments
General Apps Messages

Green Bubbles on iPhone to Gain These 7 New Features Next Year

Thursday November 30, 2023 9:00 am PST by
Earlier this month, Apple announced that it will finally support RCS in the Messages app on the iPhone starting later next year. This change will result in several improvements to the messaging experience between iPhones and Android devices. RCS will become the new default standard for messaging between iPhones and Android devices, but these conversations will still have green bubbles like...
Read Full Article
top stories 2dec2023

Top Stories: iOS 17.1.2 Released, NameDrop Misinformation, and More

Saturday December 2, 2023 6:00 am PST by
Apple employees are back to work following a Thanksgiving break, and that means this week saw a number of new operating system updates for both public release and beta testing. This week also saw some misinformation about Apple's new NameDrop feature making the rounds, while Apple and Goldman Sachs appear to be on the verge of a break-up in their Apple Card and savings account partnership,...
Read Full Article33 comments
instagram messenger

Instagram and Facebook Messenger Chats to Disconnect This Month

Tuesday December 5, 2023 1:57 am PST by
Meta has revealed plans to end Instagram users' ability to chat with Facebook accounts later this month, rolling back a feature that it introduced over three years ago. In September 2020, Meta (then Facebook) announced it was merging its Facebook Messenger service with Instagram direct messaging, allowing Instagram users to chat with Facebook users and vice versa using the same platform....
Read Full Article28 comments
iphone 5g mmwave

Apple's Work on 6G Connectivity Already Expanding

Monday December 4, 2023 7:00 am PST by
Apple's work on implementing 6G cellular connectivity on its devices appears to be ramping up, according to Bloomberg's Mark Gurman. In the latest edition of his "Power On" newsletter, Gurman explained that Apple is increasingly turning its attention to 6G, even amid its widely reported difficulties developing a custom 5G cellular modem. In 2021, the first highly specific Apple job...
Read Full Article133 comments