What's new
Apple iPad Forum 🍎

Welcome to the Apple iPad Forum, your one stop source for all things iPad. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Black Hat Firm Increases iOS 10 Exploit Bounty Because it’s Harder to Crack

Maura

iPadForums News Team
Joined
Jun 7, 2010
Messages
3,894
Reaction score
261
Location
UK
Zerodium pays big bounty for iOS 10 zero day exploits.JPG

9to5 Mac reports that black hat security firm Zerodium has increased its maximum bounty for finding zero-day iOS 10 exploits to $1.5 million, having previously offered $1 million for iOS 9 exploits.

Zero-day exploits are those that have not yet been discovered by the developer, and therefore give companies zero days to prepare. Zerodium’s founder, Chaouki Bekrar, told Arstechnica that the company was offering more money for iOS 10 exploits as a result of the increased security in iOS 10.

Bekrar said that Zerodium was prepared to offer much more money for the discovery of zero-day iOS exploits than Android exploits because “iOS 10 chain exploits are either 7.5 x harder than Android or the demand for iOS exploits is 7.5 x higher. The reality is a mix of both.”

Explaining what makes an exploit worth of big-bucks payouts from Zerodium, Bekrar said, “To qualify for a Zerodium bounty, the chain must generally work almost flawlessly to surreptitiously give an attacker complete control over the targeted device. In the parlance of hackers, that’s called a weaponized exploit. It’s not enough that a researcher provides only a rough outline of the vulnerabilities with a less-than-perfect proof-of-concept exploit. The bounties paid by Apple and Google, by contrast, are much less demanding, and as a result, they generally require less work.”

Source: Black hat security company increases bounty to $1.5M as iOS 10 ‘much harder to exploit’
 

Most reactions

Latest posts

Top