Zerodium announces ‘Million Dollar iOS 9 Bug Bounty’

The company just pushed out the latest edition of iOS last week, and it seems that, at the time of this writing anyway, no iOS 9 jailbreak is available yet.

The terms of Zerodium’s offer require hackers not to disclose the vulnerability to Apple, so that its customers can use the hack in secret. Less than 2 months to come up with iOS 9 exploits are too less, especially if you are someone who does not have an iOS developer credential, and the bounty might go unclaimed. From there, depending on what version, either Installer.app or Cydia would install in the background and jailbreak the iPhone.

Security firm Zerodium has announced a million bounty for vulnerabilities found in iOS 9 that will allow a non-jailbroken device to be compromised and controlled remotely.

Zerodium then offers a reward of $1 million for each individual or team that can create and submit to the company an exclusive, browser-based and untethered jailbreak for Apple’s iOS 9. Apple’s firmware updates usually result in jailbreak tweaks and apps failing to work on iOS devices, forcing the jailbreaking community to once again develop a new jailbreak with the firmware update.

“Apple iOS, like all operating systems, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is now the most secure mobile OS”, the company said in a statement announcing the bounty. They published the full list of rules on their website. The jailbreak solution can also start from a text message. (That’s “law enforcement, governments, and major private companies”, according to Forbes.) Although, I’m sure you could fine plenty of ways to ease your conscience with your newfound riches. Zerodium is offering the reward until 6 p.m. Eastern on October . 31.

Zerodium was founded just this previous summer by Chaouki Bekrar, who has made a name for himself as a merchant of zero-day exploits, which are computer codes that attack vulnerabilities in software that were previously unknown.