Home » News » General » Zerodium’s $1 million bounty for iOS 9 hack has been claimed

Zerodium’s $1 million bounty for iOS 9 hack has been claimed

By Shrey Pacheco | Updated on 03-Nov-2015
Zerodium’s $1 million bounty for iOS 9 hack has been claimed
Shrey Pacheco Shrey Pacheco
03-Nov-2015
HIGHLIGHTS

The company posted a tweet congratulating the winning team and if it does indeed have a hack, then it is possible that any Apple device running iOS 9 will be vulnerable

Zerodium’s $1 million bounty for hacking the new iOS 9 has apparently been claimed. The company posted a tweet on its Twitter account congratulating the winners. The company had announced the bounty program, called Million Dollar iOS 9 Bug Bounty in September and had given hackers till October 31 to come up with a zero-day exploit of the iOS 9 OS. 

In its tweet, Zerodium said, “Our iOS #0day bounty has expired & we have one winning team who made a remote browser-based iOS 9.1/9.2b #jailbreak (untethered). Congrats!” They didn’t mention who won the bounty. They were also not clear if the security exploit was limited to Apple’s Safari web browser or all browsers used on the devices. If this is true, and Zerodium does indeed have a hack, then it is possible that all Apple devices running iOS 9, including the new iPhone 6s and the 6s Plus, are vulnerable. 

Zerodium is a zero-day acquisition platform that was willing to pay out $1 million to each individual or team who could create and submit an exclusive, browser-based, and untethered jailbreak for iOS 9. The company was ready to pay a total of $3 million in rewards for iOS 9 exploits and jailbreaks. The program was aimed towards experienced security researchers, reverse engineers, and jailbreak developers. There were a number of conditions for any submission to be eligible for the bounty. One of these conditions was that any submission must lead to and allow remote, privileged, and persistent installation of an arbitrary app on a device with iOS 9. Another condition was that the attack could be through a webpage that targets the default configuration of mobile Safari or Chrome. It could also be through a webpage that targets any app that it reachable through the browser. The attack could also occur through a text or multimedia file delivered through SMS or MMS. The company had also said that the whole process should be achievable remotely and silently without any interaction from the user except when they visit a page or read a SMS/MMS. Zerodium had also said that Submissions must include a full chain of unknown, unpublished, and unreported vulnerabilities/exploits. However, it had said that it may make a distinct offer for the partial exploit. 

Shrey Pacheco

Shrey Pacheco

Writer, gamer, and hater of public transport. View Full Profile

New Mobiles
Oppo Find X8Samsung Galaxy A16 5GInfinix Hot 50 Pro 4GSamsung Galaxy S25 Ultra
Top-10s
Top Most Beautiful and Stylish Mobile Phones for Women/Girls (November 2024)Best Budget Smartphones in India (November 2024)Best Battery Backup Smartphones in India (November 2024)Best Phones Under ₹8,000 in India (November 2024)
Latest News
GTA 6 will feature “absolutely mind-blowing things,” as claimed by Rockstar GamesSamsung launches Music Frame Wicked Edition: Price and other detailsNASA warns about 170-ft aeroplane-sized asteroid heading towards Earth at 47,644 KMPHRedmi Note 14 series India launch in December: Expected price, features, and more
Digit

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

Follow us : logo logo logo logo logo logo
Company About Us Contact Us Advertise with us Regulatory Terms & Conditions Privacy Policy Disclaimer Complaint Redressal
Copyright © 2024 Bennett, Coleman & Company Limited All Rights Reserved.
Digit.in
Logo
Digit.in
Logo