contador web Saltar al contenido

ZERODIUM pays up to $ 2 million for iOS vulnerabilities

That the world of jailbreak It has already been more exploited (and popular) than today, there is no denying it; but it still exists. Even with all the security features offered by iOS, the latest version of Apple's mobile operating system may have loopholes, and the security company ZERODIUM pay now until $ 2 million for those who discover them.

Founded in 2015, ZERODIUM specializes in buying and selling vulnerabilities (exploits) newly discovered or never seen the light of day (zero day). In the case of iOS, the company recently updated its reward list for loopholes found in the system, and at the top of it is a jailbreak remote (zero click) definitive.

Because it is a rare type of vulnerability (requiring a hacker to remotely perform an attack without the target clicking on something), ZERODIUM has increased the reward value to anyone who finds it from $ 1.5 to $ 2 million; Of course, the person must also present a solution to the found fault.

Other rewards are also greater, such as those related to WhatsApp, iMessage and SMS ($ 1 million), Safari vulnerabilities such as Sandbox Escape (US $ 500 thousand), and due to failures in kernel or root iOS ($ 200K). Plus, anyone figuring out how to bypass Touch ID and iPhone protection can now get up to $ 100,000.

ZERODIUM is not the only company that has a breach rewards program found in operating systems. THE Crowdfense, founded in 2017, pays up to $ 2.5 million for Safari vulnerabilities and up to $ 3 million for Safari. jailbreaks remote. Apple has also started offering a similar program from 2016, but some hackers claim the company doesn't pay very well for the findings, prompting them to look for other companies.

via ZDNet