Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on September 22, 2015

Found an iOS 9 security flaw? You could earn $1m — but not from Apple

Found an iOS 9 security flaw? You could earn $1m — but not from Apple
Abhimanyu Ghoshal
Story by

Abhimanyu Ghoshal

Managing Editor

Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and culture. Hit him up on Twitter, or write in: [email protected].

Security firm Zerodium has announced a $1 million bounty for vulnerabilities found in iOS 9 that will allow a non-jailbroken device to be compromised and controlled remotely.

The company is looking for an exploit that can be deployed through a Web page or text message to allow the installation of an app on the latest iPhones and iPads.

Zerodium iOS 9 Bounty

While it’s widely believed that iOS is incredibly secure, it’s not completely immune to attacks, as the recent App Store breach showed.

To that end, Zerodium notes, “Don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play.”

What does Zerodium want with an iOS hack? The company is in the business of selling such exploits to government agencies and corporate customers, who might well be interested in spying on people.

The terms of the bounty include that the bug must not be reported to Apple or publicly disclosed in any way.

Hackers have until October 31 to submit their findings including a full chain of vulnerabilities and an explanatory whitepaper.

Zerodium is willing to pay the bounty multiple times, but may terminate the offer once its payouts hit $3 million.

Zerodium’s Million Dollar iOS 9 Bug Bounty [Zerodium via Wired]

Also tagged with