Zero-Day Acquisition Platform Triples iOS 10 Bug Bounty to $1.5 Million

by

Exploit acquisition platform Zerodium has increased its reward for a successful jailbreak of iOS 10 to $1.5 million, far surpassing Apple's recent payout offer for discovering and reporting vulnerabilities in its software.

Late last year, Zerodium briefly offered and paid out $1 million to one hacking team for the successful creation of a browser-based jailbreak for iOS 9.1 and 9.2, but dropped the going rate for an exploit to $500,000.

zerodium
Rather than report the vulnerabilities to Apple, Zerodium said that it would sell the exploit to its customers, which include major technology, finance, and defense corporations, as well as government agencies.

Instead of being limited to a specific timeframe, the new $1.5 million reward is a permanent offer that aims to compensate for Apple's recently hardened security regime, said Zerodium founder Chaouki Bekrar.

We've increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time.

At the same time, Zerodium's decision to up its bug bounty can be seen as a response to the imminent launch of Apple's own program.

Last month at the annual Black Hat Conference, Apple announced the launch of an invite-only Security Bounty Program that would offer rewards of up to $200,000 to researchers depending on the vulnerability discovered. Apple said the program would be limited to a few dozen researchers and would go live in September.

Earlier this week, several news media outlets were seemingly duped into reporting on an alleged 'secret' meeting of prominent hackers at Apple's Campus in Cupertino, which was supposed to include a briefing on the company's bug bounty program. The meeting was apparently a hoax perpetrated by the hackers themselves.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Jailbreak, Zerodium
Related Forum: iOS 10

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article136 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article492 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
Read Full Article38 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments

Top Rated Comments

Hanzu Lao Avatar
Hanzu Lao
102 months ago
Why should not this be legal ?
If i sold a vulnerability of you home alrm system to someone would you like that?
Score: 26 Votes (Like | Disagree)
Abazigal Avatar
Abazigal
102 months ago
If i sold a vulnerability of you home alrm system to someone would you like that?
Just because I don't like something doesn't automatically make it illegal.
Score: 26 Votes (Like | Disagree)
indychris Avatar
indychris
102 months ago
You know, if Apple played their cards right, they could contract someone to work on their behalf and get $1.5Million of of Zerodium's money and directly benefit Apple. In fact, a truly conniving company could create a hidden 'vulnerability', sell it to Zerodium, fix the code right away and sink the potentially sabotaging company.
Score: 24 Votes (Like | Disagree)
Hanzu Lao Avatar
Hanzu Lao
102 months ago
How is this even legal?
Score: 20 Votes (Like | Disagree)
VulchR Avatar
VulchR
102 months ago
How is this even legal?
My thoughts exactly. This is a national security issue, not some business deal. We have the Patriot Act, but no legal requirement to report potential security vulnerabilities to the companies that make hardware and software?

Anybody who takes this 'bounty' should be held legally liable, along Zerodium, for any damages caused by a customer exploiting a bug...
Score: 16 Votes (Like | Disagree)
Peace Avatar
Peace
102 months ago
"Rather than report the vulnerabilities to Apple, Zerodium said that it would sell the exploit to its customers, which include major technology, finance, and defense corporations, as well as government agencies."

Did anybody not see this part ?
Score: 14 Votes (Like | Disagree)
Read All Comments