Private software exploit hunting firm, Zerodium, is raising its offer for iOS 10 exploits up to a whopping US$1.5 million (about RM6.2 million). Interestingly, just one month ago, the same firm had offered a ‘less lucrative’ bounty of US$500,000 (around RM2 million) for iOS 9 vulnerability discoveries.
In addition to raising the reward for iOS exploits, Zerodium has also increased the bounty for Android Nougat vulnerabilities to US$200,000 (approximately RM828,610), which is double that of what the firm had offered previously. That said, to qualify for such mouth watering rewards, Zerodium have mentioned that the exploit must work perfectly, up to a point where the ‘attacker’ will have full control over the target device – without leaving a trace.
Chaouki Bekrar, founder of Zerodium, stated that the reason for the raise in bounty is simply due to the increasing difficulty in ‘hacking’ mobile operating systems nowadays. Bekrar also mentioned that the decision to reward successful iOS 10 exploits with 7.5 times more bounty compared to Android Nougat vulnerabilities has got a lot to do with the demand and difficulty of exploiting the former operating system.
Upon discovering working vulnerabilities of both iOS and Android, Zerodium will then ‘sell’ the information to the government and other legitimate security firms. The exploits are then said to be used for monitoring criminals, terrorists, and other threats. Regardless, the raise in bounty for both mobile operating systems seem to indicate that both Apple and Google are evidently working harder to make their devices even more difficult to exploit.
(Source: Ars Technica, Wired)
