ZERODIUM, a premium zero-day acquisition platform, today announced the biggest zero-day bug bounty program: The Million Dollar iOS 9 Bug Bounty.
As the name suggests, the bounty program is targeted towards iOS 9, which is widely considered as among the most secure mobile platforms out there.
ZERODIUM says that it will be paying out 1 million U.S. dollars to each individual or team that creates or submits to them an “exclusive, browser-based, and untethered jailbreak” for iOS 9. The jailbreak must work on all the iOS devices, including the iPhone 6s, iPhone 6s Plus, iPad Air 2, and others. The last browser-based Jailbreak for iOS devices was Jailbreak.me that was released back in 2011 by comex. While developers and researchers might be able to find an exploit or bug that allows them to successfully jailbreak iOS 9, the chances of them finding a browser-based exploit is unlikely and is certain not going to be easy.
In total, the company will be paying out 3 million U.S. dollars for all iOS related exploits and jailbreaks found by developers and researchers. The zero-day bounty program is open until 6:00 p.m. EDT on October 31 or until Zerodium ends up paying the total promised prize money to developers and researchers.
You can find more information about the Million Dollar iOS 9 bug bounty program here.
Oh, and don’t expect ZERODIUM to make the exploit public or release a jailbreak tool for iOS devices.