January 10, 2019

CCME (4607 articles)

Share

Facebook 0 Twitter 0 Google+ 0 LinkedIn 0

Zerodium Offers $2 Million for Remote iOS Jailbreaks, and Much More

The zero-day broker Zerodium offers $2 million for remote iOS jailbreaks and $1 million for chat app exploits.

Zerodium announced it is going to pay up to $2 million for remote iOS jailbreaks that don’t need any user interaction, Previous offers of the company for this kind of exploits was $1.5 million.

The company also doubled the payouts for remote code execution flaws in WhatsApp, iMessage or SMS/MMS applications, payouts passed from $500,000 up to $1 million.

Payouts for remote code execution vulnerabilities affecting WhatsApp, iMessage or SMS/MMS applications have now doubled to $1 million.

Other payouts offered by Zerodium for Chrome on Android and Safari on iOS exploits go for $500,000. The exploits for both web browsers include remote code execution, privilege escalation, and a sandbox escape.

The broker offers up to $100,000 for local PIN or TouchID bypass methods for both Android and iOS devices, the offer is increased of $85,000 respect previous one.

Zerodium increased of $100,000 the amount for remote code execution flaws in Outlook, Microsoft Exchange Server, PHP, and OpenSSL.

Rewards for a Windows RCE exploits via SMB or RDP packets without any user interaction is doubled, reaching $1 million.

Payouts for Chrome, Apache and Microsoft IIS exploits are doubled too and now are $500,000.

This post Zerodium Offers $2 Million for Remote iOS Jailbreaks, and Much More originally appeared on Security Affairs.

Read More