Last year, soon after iOS 9 was released, Zerodium — a premium zero-day acquisition platform — announced a $1 million bounty program for iOS 9 jailbreak. This year around, the company has raised the stakes even higher for iOS 10 jailbreak at $1.5 million.
This time around, the company’s bounty is for a remote jailbreak exploit for iOS 10.Unlike last year, when Zerodium’s bounty program was only running for a limited period of time, this year’s bounty program will be running all year long. The company was initially offering $500,000 for iOS 10 remote jailbreak exploit but raised the stakes after it noticed how Apple has further increased its security measures in iOS 10.
“We’ve increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time,” Zerodium’s founder Chaouki Bekrar said.
Zerodium’s bounty award is significantly higher than Apple which has a maximum reward of $200,000 for major vulnerabilities. Additionally, the program is invite-only, though the company can consider opening it as it grows.
In addition to its iOS 10 bounty, Zerodium also doubled the reward for its Android 7.0 jailbreaks to $200,000 due to improved security measures from Google. Zerodium uses the exploits it gets from such programs to sell to its customers and clients which likely pay it millions of dollars for them.Like this post? Share it!