Browser-based Untethered iOS 9.1/ 9.2 beta Jailbreak wins $1 million bounty, probably won’t get released
iOS 9.1 has already patches two vulnerabilities used by the Pangu team in their jailbreak tool for iOS 9 – iOS 9.0.2 jailbreak. This means iOS users who have upgraded to the latest version of the operating system cannot jailbreak their devices. As of right now the newest jailbreakable version of iOS 9 is iOS 9.0.2. This is only true if you talk about the publicly available jailbreaks only.
ZERODIUM, a premium zero-day acquisition platform, had announced a $1 million dollar bounty for an untethered browser-based jailbreak for iOS 9 immediately after the iOS software update was released.
Zerodium announced that a hacking team has created a browser-based jailbreak for iOS 9.1, the latest software update, to win the $1 million bounty. The jailbreak also works on iOS 9.2, which has currently been seeded to developers. Apple had patched two vulnerabilities in iOS 9.1 used by the Pangu Jailbreak.
Our iOS #0day bounty has expired & we have one winning team who made a remote browser-based iOS 9.1/9.2b #jailbreak (untethered). Congrats!
— Zerodium (@Zerodium) November 2, 2015
This news at least gives us hope that a jailbreak for iOS 9.1 and current beta of iOS 9.2 beta is possible. It is quite an incredible achievement as browser-based exploit is considered extremely difficult. They are also the easiest ways to jailbreak iPhone, iPad or iPod touch. The last browser-based jailbreak for iOS devices was JailbreakMe that was released back in 2011 by comex, a well-known hacker.
Zerodium will be providing the iOS 9.1/iOS 9.2 jailbreak to “customers, whom the company has described as major corporations in defense, technology, and finance seeking zero-day attack protection as well as government organizations in need of specific and tailored cybersecurity capabilities.” The company doesn’t plan to release it to the public, nor does it plan to reveal the vulnerabilities to Apple, though Zerodium founder Chaouki Bekrar said that they might share the details in the future.
It is disappointing that the iOS 9.1 jailbreak that won the $1 million prize money won’t be released to the public, but silver lining from the news is that iOS 9.1/iOS 9.2 can be jailbroken. It remains to be seen if Pangu team or other jailbreak teams can discover the exploits in iOS 9.1/iOS 9.2.
We’ll let you know as soon as we’ve any further updates about the iOS 9.1/9.2 jailbreak.