Zerodium Offers to Buy Zero- Day Exploits for Higher Prices

Zerodium Offers

Well, for hackers and hunters of vulnerability there’s some good news, though awful news for technology producers! Operation provider Zerodium now offers substantially higher payouts for full operating zero-day operations that permit data stealing from WhatsApp, iMessage and other online chat applications.

The start-up of the infamous French company Vupen that buys and sold zero day operations to government authorities around the world, Zerodium, now said that it would pay up to $2 million for remoteiOS jailbreaks and $1 million to take advantage of secure messaging applications.

Get a $2 Million Remote Dropping An iPhone Zerodium previously offered $1.5 million for persistent iOS jailbreaks, which can be executed remotely without a user’s interaction (no-click).

The company now offers $1.5 million for remoteiOS jailbreaks requiring minimal interaction between the users (i.e. a single click). Zerodium also doubled the price of remote code execution (RCE) exploits for secure messaging apps like WhatsApp, iMessage, and SMS / MMS apps for every mobile operating system, making them 1 million from $500,000. But for the popular encrypted app Signal, which is widely used by many technicians, journalists and lawyers, the price for zero-day exploits remained $500,000 the same as in previous years.

Additional Zéro-day Buyout Offers The list of revised Monday prices announced by Zerodium for a range of other feats: $1 million for remote-click execution exploits in Windows (formerly $500,000) $500,000 for remote code execution exploits in Chrome including a sandbox escape (formerly $250,000 and $200,000 respectively for Windows and Android) $500,000 for Apache or Microsoft.

The price increase is in line with demand for, and more robust security on, the most recent operating systems and messaging applications, and attracts more researchers, hackers and hot bugs. $100,000 is available to host (previously $100,000) for local pin / password or touch ID bypass for the Android and iOS (previously $15,000) for Windows privilege escalation or sandbox escaping (previously $50,000). Twitter Announcement about price.

In terms of popularity and security of the software or system concerned and the quality of the feature presented by Zerodium, such as the full or partial chain, the amount paid by Zerodium to researchers for acquiring original zero day achievements influences the current version, reliability, circumvented exploit reductions, process continuations and so on. Your research must be original and unreported in order to claim the prize money.

Zerodium also said it is willing to reward scientists even more for their outstanding achievements or research. The payout will be received by Hackers within a week after they have submitted the zero-day proof of concept together. Zerodium recently revealed that the NoScript browser plugin could have utilized a critical zero-day vulnerability to execute a JavaScript malicious system in victims ‘ tor browsers to identify the actual IP address of victims, even if the highest security level has been used.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.