Zerodium, an American information security company, which acquires premium zero-day vulnerability, will pay you $2 million if you succeed in jailbreaking Apple iOS remotely.
In an updated list of financial rewards for uncovering previously unknown zero-day vulnerabilities, Zerodium has put mouth-watering rewards for exposing vulnerabilities in WhatsApp, iMessage, and iOS.
Zerodium sells such vulnerabilities that can compromise users’ security to their customers. Their customer base includes law enforcement agencies, corporate entities, and government institutions.
With companies putting in their best efforts to keep users’ privacy intact by deploying encryption and other techniques, the market for vulnerabilities is hot at the moment. Law enforcement agencies in the US have taken help from security experts for breaking into iPhones of suspects, and government officials are protesting against encryption for a long time.
For Apple iOS remote jailbreak (Zero Click) with persistence, Zerodium is now paying $2,000,000 which was previously $1,500,000. WhatsApp, iMessage or SMS/MMS remote code execution can fetch you $1,500,000. Meanwhile, the company has also increased the bounty for security exploitations in servers and desktops.
Bounty has been doubled for Windows RCE (Zero Click), for e.g., via SMB or RDP packets and Chrome remote code execution bugs.
Zerodium is not the only company which is offering a massive amount for bringing exploits to notice. Crowdfence, a Dubai-based company, also runs a platform for security analysts where they can sell vulnerabilities and exploits.