In films and TV shows, a hacker is usually portrayed as a reclusive man complete with eyeglasses and a multiple monitor setup, creating computer viruses and hacking into surveillance cameras or bank accounts for personal gain. In the real world however, the process is much more complicated, not to mention more profitable. A recent example of this is Zerodium, a cybersecurity firm that pays hackers for zero-day discoveries, announcing a $1 million dollar bounty to find any new flaws in Apple's latest mobile operating system, iOS 9.
Zerodium is offering to pay out a hefty amount to the first three people or teams who can manage to create an exclusive, unthethered, browser-based jailbreak for Apple's iOS 9 operating system and devices.
"Apple iOS, like all operating system, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple's iOS is currently the most secure mobile OS. But don't be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here's where the Million Dollar iOS 9 Bug Bounty comes into play." a post from Zerodium's website reads.
Zerodium has also posted the eligibility and conditions of the Million Dollar iOS 9 Bug Bounty in full detail on their website. The bounty runs until the 31st of October of this year at 6:00PM Eastern Daylight Time.
Unlike corporate bounty for bug hunting however, Zerodium will be planning to sell the zero-days exploits for a profit instead of solving the newly discovered issues that will be found on the platform.
Reports also suggest that the move by Zerodium would seem more like good PR rather than an exploit hunt. There's a two-month time frame, giving researchers a small amount of time to develop and deploy proof of the exploit. But whatever the case, the practice is frowned upon the security researcher world as it puts the risk of security of the general population.
