Exploit trader offers $1m bounty for iOS zero-day
Zerodium wants remote-access crack for Apple devices to push jailbreak services to iPhones, iPads
Malware dealers have offered a $1m bounty to any miscreant that can build useable zero-day exploit code for Apple's iOS 9, The Register reported.
The exploit trader, called Zerodium, will likely use the exploit in concert with others to achieve remote code execution, so it can sell jailbreak services to iFans. Jailbroken iOS devices give their users freedom to install any apps they want.
But any exploit uncovered by would-be bounty-collectors could also be potentially used for installing malware, allowing third parties to compromise, spy on, or steal data from a target device.
Zerodium is prepared to accept code that executes through Safari or Chrome Web browsers, or through an SMS or MMS message. It is willing to pay out up to three bounties, for a total of $3m as part of the scheme, which ends on 31 October.
Submitted exploits must be able to run on the latest versions of Safari or Chrome on iOS for iPhone 5 and later, including Apple's forthcoming iPhone 6S and 6S Plus. They must also run on iPad Mini 2 and later, and iPad Air and later.
"The whole exploitation/jailbreak process should be achievable remotely, reliably, silently, and without requiring any user interaction except visiting a webpage or reading an SMS/MMS. Attack vectors such as physical access, bluetooth, NFC, or baseband are not eligible for the Million Dollar iOS 9 Bug Bounty," Zerodium said.
Zerodium's challenge comes just days after security researchers found a large number of popular App Store apps had been laced with Xcode-compiler malware called XcodeGhost.