Exploit vendor Zerodium Offers $1.5 Million Bounty For iOS Zero-Day Exploits

Exploit vendor Zerodium has tripled its bug bounty for an Apple's iOS 10 zero-day exploit, offering a maximum payout of $1,500,000.00 Reward.

That's more than seven times what Apple is offering (up to $200,000) for iOS zero-days via its private, invite-only bug bounty program.

Zerodium, a startup by the infamous French-based company Vupen that buys and sells zero-day exploits to government agencies around the world, previously offered US$500,000 for remote iOS 9 jailbreaks, which was temporarily increased to $1 Million for a competition help by the company last year.

The company paid out $1 million contest reward for the first three iOS 9 zero-days in November to an unnamed hacker group, then lowered the price again to $500,000.

With the recent release of iOS 10, Zerodium has agreed to pay $1.5 Million to anyone who can pull off a remote jailbreak of the Apple's latest mobile operating system, allowing a full third-party control over the device.

The company has also doubled its bug bounty for Android 7.x (Nougat) remote jailbreaks to $200,000 as well as boosted rewards for exploits in other software, including Adobe Flash, Microsoft Internet Explorer and Edge, Windows Reader, Microsoft Word and Excel, Safari, and OpenSSL or PHP.

The hike in the price is in line with demand and the tougher security of the latest iOS and Android operating systems, and to attract more researchers, hackers and bug hunters to seek complex exploit chains in iOS 10.

To claim the prize money, Zerodium is asking for a previously unknown security vulnerabilities that must allow an attacker to compromise a non-jailbroken iOS device remotely.

Zerodium CEO Chaouki Bekrar notes on Twitter that the company is prepared to buy multiple iOS zero-day hacks at that price, saying "We can afford to buy multiple iOS exploit chains for $1.5M each."

Hackers will get the payout within a week of submitting the zero-day vulnerabilities along with a valid working proof-of-concept. 

ZERODIUM evaluates and verifies all submitted research within one week or less. Payments are made by wire transfer within one week or less. For more information,  visit FAQ

source: zerodium

The owner of blogmytut.blogspot.com will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.Report any Broken Download linkon Blogmytuts Facebook Page. IF YOU WANT TO BORROW MY CONTENT PLEASE CONTACT US..
Share on Google Plus

About Jaime Lacson

A Freelance Computer Tech with knowledge about computer, router and mobile phones, especially in Upgrade and Downgrade OS, Software and Hardware troubleshooting. follow me at Google+
    Blogger Comment
    Facebook Comment