Skip to main content

zerodium

Two 'zerodium' stories November 2015 - September 2016
See All Stories

Black hat security company increases bounty to $1.5M as iOS 10 ‘much harder to exploit’

Avatar for Ben Lovejoy Sep 30 2016 - 4:35 am PT
0 Comments

ios10-zerodium

Black hat security company Zerodium – which seeks to find vulnerabilities in iOS and Android to sell to corporate and government clients – has increased its maximum bounty for zero-day iOS 10 exploits to $1.5M. It previously offered $1M for iOS 9 vulnerabilities.

A zero-day vulnerability is one not yet known to the developer, so companies have zero days to prepare for exploits. The company’s founder told Arstechnica that the increased reward reflected the improved security in the latest version of iOS. He also explained why the company pays far more for iOS vulnerabilities than Android ones …


Expand
Expanding
Close

Browser-based jailbreak for iOS 9.1 and 9.2 beta exists, but don’t expect it to see the light of day

Avatar for Mike Beasley Nov 2 2015 - 12:26 pm PT
17 Comments

jailbreak

When Apple released iOS 9.1 last month, it closed an exploit that was used in the development of the most recent jailbreak software. As with every new iOS release, users were forced to choose whether they wanted to upgrade to the latest version of the operating system or stay on a slightly outdated version in order to preserve their jailbreak.

While that hasn’t changed today, a new bit of information from Zerodium has revealed that it is possible to jailbreak iOS 9.1—and the new iOS 9.2 beta—without even needing to plug it into a computer.

[tweet https://twitter.com/Zerodium/status/661240316331069443 align=’center’]

Browser-based jailbreaks have been a thing of the past for several years now, but Zerodium says it has awarded a $1 million bounty to one team of developers who managed to put together a new hack for modern iOS versions. Unfortunately, it’s not expected that users will ever benefit from this specific discovery. Zeroidum is in the business of buying exploits, not releasing jailbreaks, and after spending $1 million on this one, it’s not likely they’d release it to the public.

So while the developers who discovered this particular trick probably won’t be pushing out a 9.1 jailbreak anytime soon, users can at least rest assured that it is possible to create a JailbreakMe.com-style jailbreak for today’s software. Whether anyone will put this type of exploit to use is yet to be seen.