Last year, soon after iOS 9 was released, Zerodium – exploit acquisition platform – announced a $1 million bounty program for iOS 9 jailbreak. This year around, the company has increased its reward for a successful jailbreak of iOS 10 to $1.5 million.
If that name sounds familiar, it’s because they’ve been doing this kind of thing for years. Zerodium is the kind of company that buys hacking talent to find 0day exploits in various operating systems, which it can then sell off to other higher-paying entities, which include major technology, finance, and defense corporations, as well as government agencies.
This time around, the company’s bounty is for a remote jailbreak exploit for iOS 10.Unlike last year, when Zerodium’s bounty program was only running for a limited period of time, this year’s bounty program will be running all year long. The company was initially offering $500,000 for iOS 10 remote jailbreak exploit but raised the stakes after it noticed how Apple has further increased its security measures in iOS 10.
“We’ve increased the price due to the increased security for both iOS 10 and Android 7, and we would like to attract more researchers all year long, not just during a specific bounty period as we did last time,” Zerodium’s founder Chaouki Bekrar said.
All an eligible hacker needs to do to collect the bounty is show a proof of concept that their exploits work, and then share the exploits with Zerodium, all while providing the firm with full rights to them. Afterwards, Zerodium will pay up its promised funds within a week.
In addition to its iOS 10 bounty, Zerodium also doubled the reward for its Android 7.0 jailbreaks to $200,000 due to improved security measures from Google. Zerodium uses the exploits it gets from such programs to sell to its customers and clients which likely pay it millions of dollars for them.
For what it’s worth, these kinds of large bounties haven’t stopped jailbreak teams like Pangu and TaiG from releasing jailbreaks to the public in the past, so you shouldn’t expect that this will prevent progress on a future iOS 10 jailbreak for everyone.