Zerodium has announced that they have increased the amount they are offering for an iOS 10 jailbreak to $1.5 million, a significant increase from the previous offer of $500,000. This substantial hike in the bounty reflects the growing complexity and enhanced security measures implemented in iOS 10.
The company, known for its high-stakes bug bounty programs, previously paid out $1 million last year to one hacking team for a jailbreak of iOS 9.1 and 9.2. This payout was one of the largest in the industry at the time, highlighting the value and difficulty of finding such vulnerabilities.
We’ve increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time,” said Zerodium founder Chaouki Bekrar.
Why the Increase in Bounty?
The increase in the bounty is primarily due to the enhanced security features in iOS 10. Apple has been continuously improving its security protocols, making it increasingly difficult for hackers to find vulnerabilities. This has led to a decrease in the number of successful jailbreaks, thereby increasing their value. By offering a higher bounty, Zerodium aims to incentivize more researchers to focus on iOS 10, ensuring a steady stream of potential exploits.
Additionally, the rise in bounty also reflects the competitive nature of the bug bounty market. With other companies also offering substantial rewards for similar exploits, Zerodium’s increased offer ensures they remain a top player in attracting the best talent in cybersecurity research.
The Market for Jailbreaks
Once Zerodium acquires a jailbreak, they sell it to government agencies and private companies. These entities are willing to pay a premium for such exploits, often for purposes related to law enforcement, intelligence gathering, and cybersecurity research. The resale value of these jailbreaks is significantly higher than the bounty paid, making it a lucrative business for Zerodium.
For example, government agencies might use these exploits to access data on devices during criminal investigations or national security operations. Private companies, particularly those in the cybersecurity sector, might use the information to enhance their own security measures or to offer specialized services to their clients.
The ethical implications of selling such exploits are a topic of ongoing debate. While some argue that it helps in maintaining national security and combating crime, others raise concerns about privacy and the potential misuse of these vulnerabilities.
Challenges and Future Prospects
The increasing security measures in operating systems like iOS 10 and Android 7 pose significant challenges for researchers. Modern devices come with advanced security features such as secure boot, encrypted storage, and robust app sandboxing, making it harder to find and exploit vulnerabilities.
However, the lucrative rewards offered by companies like Zerodium ensure that there will always be a dedicated group of researchers working to find these exploits. As technology continues to evolve, so too will the methods used by both security researchers and malicious actors.
In conclusion, Zerodium’s decision to increase the bounty for an iOS 10 jailbreak to $1.5 million underscores the growing complexity and value of such exploits. By attracting top talent in the field, the company aims to stay ahead in the competitive bug bounty market, while also providing valuable tools to government agencies and private companies.
Source MacRumors
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
