Zero-day broker firm Zerodium has announced what it is calling “the world’s biggest zero-day bug bounty program.” Dubbed Million Dollar iOS 9 Bug Bounty, the program will see the company paying a whopping $1 million to anyone who develops and submits an iOS 9 zero-day exploit.
“Apple iOS, like all operating system, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS,” the company said in a blog post.
“But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”
Zerodium explains that the exploit must lead to and allow a remote, privileged, and persistent installation of an arbitrary app on a fully updated iOS 9 device. The company, which sells these zero-days to governments and corporate clients, is willing to pay out a total of $3 million in rewards, which means it’s open to accepting multiple exploits/jailbreaks.
For eligibility criteria and other conditions, head to the Source link below.
Source | Via