$1,000,000.00 Reward for Hacking iOS 9

Tuesday, September 22, 2015

You can now WIN 1 Million Dollars for finding zero-day hacks for iPhones and iPads.
New Security firm Zerodium, a startup of the infamous French-based Security firm "VUPEN", who is well known for buying and selling zero-day vulnerabilities.

Yes, $1,000,000.00 Reward
 
Zerodium, which describes itself as "the premium zero-day acquisition platform," announced a total of $3 Million ($3,000,000) bounty bounty rewards for iOS exploits and jailbreaks.
 

$3 Million Reward for Zero-day exploits and Jailbreaks 

 

Eligibility 

The Zero-day Acquisition Firm challenges hackers, researchers, and bug hunters to discover zero-day flaws and exploits in Apple's latest mobile operating system iOS 9 that must allow an attacker to remotely compromise a non-jailbroken iOS device through:
 
  • Eligible submissions must include a full chain of unknown, unpublished, and unreported vulnerabilities/exploits (aka zero-days) which are combined to bypass all iOS 9 exploit mitigations including: ASLR, sandboxes, rootless, code signing, and bootchain.

  • The exploit/jailbreak must lead to and allow a remote, privileged, and persistent installation of an arbitrary app (e.g. Cydia) on a fully updated iOS 9 device (see below).

     The initial attack vector must be either: 
         - a web page targeting the mobile browser (Mobile Safari OR Google Chrome) in its default configuration; OR 
         - a web page targeting any application reachable through the browser; OR 
         - a text message and/or a multimedia file delivered through a SMS or MMS.

  • The whole exploitation/jailbreak process should be achievable remotely, reliably, silently, and without requiring any user interaction except visiting a web page or reading a SMS/MMS (attack vectors such as physical access, bluetooth, NFC, or baseband are not eligible for the Million Dollar iOS 9 Bug Bounty. ZERODIUM may, at its sole discretion, make a distinct offer to acquire such attack vectors.).

  • The exploit/jailbreak must support and work reliably on the following devices (32-bit and 64-bit when applicable): 

         - iPhone 6s / iPhone 6s Plus / iPhone 6 / iPhone 6 Plus 
         - iPhone 5 / iPhone 5c / iPhone 5s 
         - iPad Air 2 / iPad Air / iPad (4rd generation) / iPad (3th generation) / iPad mini 4 / iPad mini 2

  •  Partial or incomplete exploits/jailbreaks will not be eligible for the Million Dollar iOS 9 Bug Bounty. ZERODIUM may, at its sole discretion, make a distinct offer to acquire such partial exploits.

  • All submissions must be made exclusively to ZERODIUM and must include the fully functioning exploit and its source code (if any), and a detailed whitepaper describing all the zero-day vulnerabilities and techniques used in the jailbreak.4

The bug bounty program is valid and open until October 31st, 2015 at 6:00 p.m. EDT, and or until the firm ends up paying the total promised payout of $3 Million to researchers and developers.

 

If you are the talented hacker, here is your source for reward $ 1,000,000.00 rewars,

https://www.zerodium.com/ios9.html

 

 

Leave your comment