Zerodium, which is part of the exploit acquisition platform software sector, has offered $1.5 million for a complete hack of the iOS 10 from Apple Inc. (NASDAQ: AAPL).
Zerodium describes a full hack as follows:
ZERODIUM pays premium rewards to security researchers to acquire their original and previously unreported zero-day exploits affecting major operating systems, software, and/or devices. While the majority of existing bug bounty programs accept almost any kind of vulnerabilities and PoCs but pay lower rewards, at ZERODIUM we focus on high-risk vulnerabilities with fully functional exploits, and we pay the highest rewards on the market.
MacRumors quotes founder Chaouki Bekrar:
We’ve increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time.
For those with the skills a full list of bounties offered by Zerodium:
|Product / Exploit Type||New Price||Previous Price|
|Apple iOS 10 (Remote Jailbreak)||$1,500,000||$500,000|
|Android 7 (Remote Jailbreak)||$200,000||$100,000|
|Flash (RCE) + Sandbox Escape||$100,000||$80,000|
|MS Edge + IE (RCE) + Sandbox Escape||$80,000||$50,000|
|Safari on Mac (RCE) + Sandbox Escape||$80,000||$50,000|
|OpenSSL or PHP (RCE)||$50,000||$40,000|
|MS Windows Reader App (RCE)||$50,000||$30,000|
|MS Office Word/Excel (RCE)||$40,000||$30,000|