Earn $1.5 million by remotely jailbreaking iOS 10

Graham Cluley

Earn $1.5 million by remotely jailbreaking iOS 10

Exploit prices

A year ago, vulnerability broker Zerodium made the headlines when it offered a stonking one million dollars to anybody who could come up with a zero-day remote exploit for iOS 9. Sure enough, someone came up with the goods: a browser-based, untethered jailbreak for iOS 9 using a zero-day vulnerability.

Of course, Zerodium wasn’t being altruistic. It offers huge prizes to vulnerability researchers if they can find ways to crack into operating systems, because they know that those exploits can then be sold on (at profit) to governments and intelligence agencies. Zerodium’s customers then use them to spy on suspected criminals, terrorists, foreign nations and other people they want to keep tabs on.

Who loses out? Well, we all do – apart from Zerodium, the intelligence agency and the guy who picks up the pay cheque. Zerodium doesn’t share details of the exploit with vendors like Apple, Google, Microsoft or Adobe who might be able to fix the security hole to make our devices and communications safer.

Of course, the likes of Apple, Google, and others do offer bug bounties for researchers who wish to share details of their vulnerability discoveries responsibly, and want to see them fixed for the increased safety of all of us. But the tech companies don’t come anywhere close to offering the same kind of monetary reward as Zerodium.

So, if you had a zero-day vulnerability for remotely hacking an iPhone would you tell Apple or Zerodium?

The good news is that it’s not quite as black-and-white choice as the sheer monetary rewards would suggest. Many of the folks who uncover security holes in software feel passionately about what they are doing, and the importance of privacy. Even with Zerodium offering such huge sums of money, they may find the idea of their exploit being used by an oppressive government to spy upon its citizens too big a price to pay.

Zerodium needs exploits, however, for its eager customers. And so it has upped its rewards even further. It’s offering $1.5 million to anyone who can come up with a working remote iOS 10 jailbreak vulnerability.

The prices aren’t as high if you can do something similar on Android. The bounty for that has doubled, increasing to $200,000, emphasising that Android is not only an easier nut to crack, but also that there is simply a greater demand for ways to spy upon users of Apple iOS devices.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

5 Replies to “Earn $1.5 million by remotely jailbreaking iOS 10”

  1. I'm a fan of responsible disclosure but, as others have said, companies like Apple offer a paltry reward program – $250,000. Not that much if the ethical hacker has a family to feed and he's spent many months working on a vulnerability. It's a risky business because somebody else may find the vulnerability before you and you'll get nothing.

    A couple of other points from a Twitter exchange worth mentioning (about their $250,000 bug bounty):

    "From Apple, that’s if you are accepted into the currently invite-only program – and they could easily say out of scope."

    "If it doesn’t fit there scope, you don’t get paid, but the bug will be fixed – meaning you don’t get a cent."

    https://twitter.com/netik/status/781585006434983936

    On the other hand you can sell to Zerodium, there's no need to be offered an 'invite-only' place, you're guaranteed to get paid and you earn $1.5 million (or £1.2 million).

    It's a no-brainer really… and it's Apple's fault.

  2. Are you sure it's one million, 5, and not $12.50? I could find that $12.50 in coin while walking my dog. Apparently, according to Bob, Apple has found a way to weasel out of even that small amount if you are not in their invite only clique. Oh well, Steve Jobs was a harsh master. <Heinlein pun. If they really do pay the 1.5 mill then…..YAHOO!

  3. It's not just the fact that Apple only recently started to reward researchers, but they have treated these people with contempt for years. Just ask Johnathan Zdziarski about that, when only two years ago, he gave his presentation at Blackhat USA, about the "backdoors" in IOS 8.x What he did to/for Apple, is what Snowden did to/for the world of security. Apple barely gave credit to him, and he was viciously attacked by the "fanboy press" tech journalist. Finally, some after interviews by the likes of "elreg" (the register) and some long blog posts by Johnathan, told the whole tragic episode. But, Apple was forced into beefing up security.
    His website: www.Zdziarski.com
    You can find lots of information on a wide range of other security related subjects, but he is a forensic specialist on Apple ios.

    Now, as for Android being less rewarding to hack, I think that's because there are way more researchers for that system. But, rooting is a common thing, and by design, a more open system. Although Google too has beefed up security over the last couple years, they still have a ways to go.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.




Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.