Skip to main content

Startup offering $3 million to anyone who can hand over zero-day exploits for iOS or macOS

Crowdfense, a startup company based out of the United Arab Emirates is offering up to $3 million for anyone who can offer a zero-day exploit on macOS, iOS, Android or Windows.

Motherboard reports that the startup put out a bug bounty on Tuesday.

Zero-day exploits are bugs or vulnerabilities that are unknown to the developers, in this case Google, Apple, or Microsoft. This allows companies such as Crowdfense to use the hole for their own personal advantage, such as developing jailbreak tools.

However, in this case, the company wants to sell the details to law enforcement and intelligence agencies, according to Crowdfense director Andrea Zapparoli.

“When I think about government agencies I don’t think about the military part, I think about the civilian part, that works against crime, terrorism, and stuff like that,” Zapparoli told me in a phone interview. “We only focus on tools aimed at doing activities of law enforcement or intelligence, not aimed at destroying or deteriorating the functionality and effectiveness of the target systems—but only aimed at collecting intelligence.”

The company is only interested in macOS, iOS, Android and Windows exploits specifically and is not interested in exploits for IoT devices, telecom, critical infrastructure or social media.

The company plans on taking a vastly different approach then most who are looking for zero-day exploits. It’s focus is on maximizing transparency. With that being said, Crowdfense has not disclosed who they’re talking to or what they plan on doing with such exploits.

The budget for its bug bounty program is currently set at $10 million. Anyone willing to work with the company is also not being disclosed at this time. Zapparoli declined to mention who invested in the company.

Back in 2016, Apple launched its own bug bounty program to catch bugs such as zero-day exploits. However, the program was largely ignored as payouts in the black market and other hacker groups were much higher than Apple’s low $200K payouts.


Check out 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications