Though Apple runs a successful in-house bug bounty program, many third-party companies offer bounties to the tune of millions. Here’s a new security startup that is offering up to $3 million for zero-day exploits.
Table of Contents
Zero-day exploits command million dollar bounties
Crowdfense, a new security startup from the UAE, is offering million dollar bounties to hackers.
The current budget of Crowdfense’s bug bounty program is $10 million. Once a hacker succeeds in hacking any of the given systems, he will receive $500,000 to $3 million from this amount.
Crowdfense is on the lookout specifically for 1-click and 0-click exploits.
For those who don’t know, 1-click exploits require user interaction (jailbreak tools) whereas 0-click exploits execute automatically.
This program is not limited only to iOS, other operating systems like macOS and Android are also included.
Once Crowdfense experts test the exploit, the hacker will receive the bounty amount.
The company will then sell the exploit to law enforcement and intelligence agencies like the American FBI and NSA.
This will allow them to recoup their investment while still making a hefty profit.
This is bad news for the jailbreak community because hackers may not make their exploits public anymore.
Apple’s bug bounty program offers up to $200,000 for iOS and macOS vulnerabilities.
Once a hacker discloses a vulnerability to Apple, it can be made public once Apple addresses it. This can and has lead to a few jailbreak tools in the past.
Private bug bounty programs, on the other hand, are strict as regards exploits. Hackers involved in such programs never make their exploits public.
For more security news and updates, give us a like on Twitter and Facebook.