Zerodium hikes bounties for Apple vulnerabilities to as high as $2M

Zerodium -- a security firm that pays for exploits discovered by outside researchers -- this week increased its bounties for Apple-related vulnerabilities across the board, offering as much as $2 million for the most sensitive ones.

The $2 million figure requires a remote, "zero-click" iOS jailbreak "with persistence," Zerodium said: a full compromise that needs no interaction from the victim and survives a reboot. The company was previously offering $1.5 million, a sum now available to anyone who delivers a "one-click" remote jailbreak, where the victim must open a link or attachment.

Bounties have increased from $500,000 to $1 million for iMessage and SMS hacks, $200,000 to $500,000 for "Safari + LPE (iOS) [vulnerabilities] including a sandbox escape," and from $100,000 to $200,000 for flaws allowing privilege escalation to kernel or root in iOS. The greatest proportional leap may be for Touch ID and passcode bypasses, which now pay out $100,000 instead of $15,000.

The biggest bounties are unlikely to be claimed. While remote jailbreaks were possible in the early years of the iPhone, Apple clamped down hard, nominally for security and stability but with the benefit of preventing people from bypassing the App Store. The company normally takes a 30 percent cut from App Store transactions, and has strict rules on what can appear there.

It can likewise be tough to find flaws in iMessage, though malicious links and characters are sometimes used to force Messages to crash.

Exploits Zerodium acquires are used to supply data and security recommendations to its clients. The company courts only a "limited number of eligible customers," since exploits of this kind would be just as valuable to criminals.

Apple has sometimes been accused of paying too little in the way of bounties, capping sums at $200,000. That encourages researchers to turn elsewhere, even though exploits can have a serious impact on iPhone, iPad, and Mac users.

Comments

  • Reply 1 of 6
    $100,000 for TouchID bypass?

    So which of all those YouTube experts is going to be the first to collect? /s
  • Reply 2 of 6
    fallenjt
    If this bounty is for Android, this research company will go bankrupt in 1 day...😂
  • Reply 3 of 6
    The rapidly increasing bounties are a good sign, as it means the hacks/bypasses, etc., are being foiled and are harder to find.
  • Reply 4 of 6
    mac_dog
    Does anyone know anything about this company? Is it possible our government (and others) could be paying them to offer this bounty? I wouldn’t be surprised if they were. 
  • Reply 5 of 6
    DAalseth
    I question calling them "a security firm". They are a bunch of Black Hat hackers and data brokers that deal in selling stolen exploits. "Security firm" makes them sound like the good guys.
  • Reply 6 of 6
    DAalseth said:
    I question calling them "a security firm". They are a bunch of Black Hat hackers and data brokers that deal in selling stolen exploits. "Security firm" makes them sound like the good guys.
    The fact is, there is a very thin line separating them. At least if they are white hats we hear 👂 about them. That is always good.