Zerodium, a privately held and venture backed startup, founded by cybersecurity veterans with unparalleled experience in advanced vulnerability research and exploitation. ZERODIUM created to build a global community of talented and independent security researchers working together to provide the most up-to-date source of cybersecurity research and capabilities.
ZERODIUM rewards independent researchers for their zero-day discoveries and then analyzes, documents, and reports all acquired security information, along with protective measures and security recommendations, to its clients as part of the ZERODIUM Security Research Feed (Z-SRF).
This marvelous startup company has announced to pay $1 million USD to those that can jailbreak iOS 9. This program was launched with the aim of buying an “exclusive, browser-based, and untethered jailbreak” for Apple’s latest mobile operating system.
The company stated in a blog,
[quote color=”#000000″ bcolor=”#1e73be”]
“Apple iOS, like all operating system, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS. But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”
The hacker has to adhere to some rules of the jailbreak process and it must be reliable, silent and doesn’t require any actions to be taken by the user, save for visiting a web page or reading a text/MMS message. Similarly, they must work on a wide range of Apple hardware, including the iPhone 6S and 6S Plus. The pair of phones doesn’t go on sale until September 25, while the bounty program expires on October 31, giving people a little over a month to get their potential exploits working on the new phones.
“Partial or incomplete exploits/jailbreaks will not be eligible for the Million Dollar iOS 9 Bug Bounty. ZERODIUM may, at its sole discretion, make a distinct offer to acquire such partial exploits. All submissions must be made exclusively to ZERODIUM and must include the fully functioning exploit and its source code (if any), and a detailed whitepaper describing all the zero-day vulnerabilities and techniques used in the jailbreak,” the post added.