Unnamed hacking team picks up $1m prize for iOS 9 zero-day

Zerodium says exploit takes advantage of 'a number of' vulnerabilities in Chrome and iOS 9

Tags: Apple IncorporatedZerodium (www.zerodium.com/)
  • E-Mail
Unnamed hacking team picks up $1m prize for iOS 9 zero-day The exploit allows hackers to remotely jailbreak iOS 9 devices
By  Tom Paye Published  November 3, 2015

An unnamed hacking team has claimed a $1m prize for finding a remote exploit for the latest version of Apple's mobile operating system, iOS 9.

The prize was handed out by Zerodium, which describes itself as a premium exploit platform. It provides clients - large corporations and governments - with exclusive exploits for various pieces of software. Earlier in the year, the company came to prominence with the announcement of a $1m prize for anyone who could provide it with an exclusive zero-day exploit for iOS 9.

The prize was claimed within hours of the competition deadline, the company said in an announcement. The criteria of the assignment was that the exploit had to deliver an "exclusive, browser-based, and untethered jailbreak". Zerodium also said that it wanted the exploit to offer the "remote, privileged, and persistent installation of an arbitrary app" on an updated iOS 9 device, following a visit to a malicious web page in Safari or Chrome, or through a link in an SMS message.

Pangu, a Chinese research team, has already jailbroken iOS 9, but that team's jailbreak is publicly available, and cannot be carried out remotely.

The team that will be picking up the Zerodium bounty, however, found a way to remotely jailbreak devices running iOS 9 through "a number of vulnerabilities" in both Chrome and iOS 9.

Naturally, according to Zerodium's business plan, the vulnerability will not be made public, and will instead be offered to the company's customers.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code