Home » News » Tech » $3 million reward for finding vulnerabilities in Apple's iOS 9
1-MIN READ

$3 million reward for finding vulnerabilities in Apple's iOS 9

IBNLive.com

Last Updated: September 22, 2015, 13:06 IST

$3 million reward for finding vulnerabilities in Apple's iOS 9

A few days after the release of the new iPhone software upgrade, a company named Zerodium has announced what is believed to be the world's biggest zero-day bug bounty program.

It appears that hackers are having a tough time finding weaknesses in Apple's latest mobile OS - iOS 9's security. A few days after the release of the new iPhone software upgrade, a company named Zerodium has announced what is believed to be the world's biggest zero-day bug bounty program.

Under the progam, the company says to offer a million dollar reward to those who bring them vulnerabilities in iOS 9. We "will pay out one million US dollars to each individual or team who creates and submits to Zerodium an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices."

This Million Dollar iOS 9 Bug Bounty is actually tailored for experienced security researchers, reverse engineers, and jailbreak developers. The program is open until October 31, and may be terminated prior to its expiration if the total payout to researchers reaches three million US dollars, says the company. You can read all about eligibility and submissions here.

While this offer may appear to be tempting and could make a couple of us rich, here is something to keep you wary of it. Zerodium founder Chaouki Bekrar allegedly has had a not-so-good past record to his credit. He is also the man behind the French hacking firm Vupen, which is reportedly involved into developing intrusion techniques for popular software with the purpose of selling them to government agencies across the globe.

"Bekrar’s past customers for such undisclosed hacking techniques have included the NSA as well as other NATO countries and 'NATO partners' that Bekrar declines to name," claims a Wired report.

The report also quotes ACLU lead technologist Chris Soghoian as calling Bekrar "a 'modern-day merchant of death,' selling 'the bullets for cyberwar.'"
first published:September 22, 2015, 13:05 IST
last updated:September 22, 2015, 13:06 IST