Zerodium Ups iOS Bug Bounty to $1.5M

...

Looking to make some serious cash? Grab an iPhone and start hacking.

The somewhat controversial security start-up Zerodium, which buys and sells zero-day (aka unknown) software exploits, has increased its permanent bug bounty for iOS flaws to $1.5 million.

The firm made headlines last year when it offered $1 million for unknown iPhone and iPad flaws. Zerodium ended up cutting that $1 million bounty in half after paying for three qualifying submissions, but now the reward is back up and higher than ever.

If iOS hacking isn't your thing, the company also this week increased bounties for Android and Flash flaws. Zerodium is now paying double — or $200,000 — for Android bugs and $80,000 for Flash vulnerabilities (up from $50,000).

Zerodium founder Chaouki Bekrar told Ars Technica the new prices reflect today's tightened security landscape. "Prices are directly linked to the difficulty of making a full chain of exploits, and we know that iOS 10 and Android 7 are both much harder to exploit than their previous versions," he told Ars.

Apple launched a bug bounty program of its own just last month, offering hackers up to $200,000 to identify vulnerabilities in its products. Google has offered bug bounties for some time, but its prices, too, are only a fraction of Zerodium's million-dollar-plus payday.

As Ars notes, however, getting a bounty from Zerodium requires a lot more work, since the company is seeking so-called "weaponized" exploits, which give an attacker full control over a targeted device, not just rough proof-of-concept code. It's also worth mentioning that not everyone is a fan of Bekrar, who has a history of selling exploits to the highest bidder, rather than disclosing issues to the manufacturer.
