American cybersecurity giant, Zerodium, has increased its reward for any hacker who can successfully break in and gain control of iOS 10, starting September 29. Anyone who can tamper with an iPhone or iPad running Apple’s latest software will be rewarded with up to 1.5 million dollars.
Zerodium is a “privately held and venture backed” cybersecurity company that operates in the U. S., Europe, the Middle East and Africa. It has become famous for offering five and six figures rewards for different hacking endeavors.
The current prizes are awarded to security researchers (a more elegant name for hackers) that can discover and take advantage of zero-day exploits, meaning vulnerabilities in software companies are unable to foresee and therefore threaten and affect a large number of users before being fixed.
The rules of the game
The bounty has been available since yesterday and does not have an end date, other than when a hacker can complete the breaching requirements. Both independent hackers and large hacking groups from any country can participate, except the ones living in a U. S. or UN sanctioned country.
Security research submissions must be sent to the company via PGP-encrypted emails only. PGP stands for (Pretty Good Privacy) and is an encryption software created by computer scientist Phil Zimmermann in 1991. Other requirements can be found in the company’s security research FAQ.
How much is Zerodium paying hackers to crack iOS10?
Zerodium’s official website for their research program offers various types of rewards for different types of hacking exploits. The highest-paid hack, which is the subject of this article, requires a Remote Jailbreak (or RJB) of any iPad or iPhone running iOS 10.
Any hacker who can remotely (i. e., from a relatively large distance and without being connected in any way to the targeted device) access and gain full control of a fully-patched Apple product will receive $1.5 million.
A Remote Jailbreak is arguably the most dangerous hack any user of an electronic device can suffer. In this kind of cyber attacks, people will find themselves unable to control their gadgets, and the criminal could be anywhere near.
A recent example of this hack could be the one demonstrated by Chinese cybersecurity company Keen Security Labs when they tapped into and gained control of some of the electronic functions in a Tesla Model S.
The next highest-paid exploits on Zerodium’s website are the RBJ of Android 7 ($200,000) and the RCE, or Remote Code Execution, of the latest Adobe Flash ($100,000).
Source: Zerodium FAQ Zerodium