Zerodium, a startup that famous for buy and sells hacking tools and exploits to governments around the world. It announced a price for iOS remote jailbreaks and Windows exploits. Security researchers can get $1,000,000 for exploits in WhatsApp, iMessage, and SMS/MMS apps for all mobile operating systems.
“Messaging apps in general and WhatsApp, in particular, are sometimes the only communication channel used by targets and end-to-end encryption makes it difficult for our government customers to intercept such communications,” Zerodium’s founder Chaouki Bekrar told Motherboard in an online chat. “So having the ability to remotely compromise these apps directly without compromising the whole phone is much more strategic and effective.”
Increase in price shows that mobile devices are getting more and more secure than ever, and thus harder to hack. So it is hard for the hackers to break into iOS and Android devices.
In a Tweet Zerodium said,
Announcement: We are increasing our bounties for almost every product.
We're now paying $2,000,000 for remote iOS jailbreaks, $1,000,000 for WhatsApp/iMessage/SMS/MMS RCEs, and $500,000 for Chrome RCEs.
More information at: https://t.co/0NBRnq4I4y pic.twitter.com/vXDyxC3Q4v
— Zerodium (@Zerodium) January 7, 2019
A security researcher Maor Shwartz, said “There are some unicorns that companies are willing to buy for a lot of money, more than $1 million dollars for a vulnerability. It’s the [remote code execution] for iMessage, WhatsApp, Signal, Telegram, etc”. “Once you have this kind of vulnerability it’s worth a lot of money.”
Another researcher, Bekrar warned said, “Exploitation is harder, it takes longer, but more researchers are looking into these targets and our goal by increasing our prices is to continue this momentum and encourage researchers to keep hunting for exploits”.
“I’m in the zero-day industry for more than 15 years and I’ve never seen as many exploits as in 2018,” he added. “You can’t imagine what’s being developed and sold.”