Zerodium, a zero-day acquisition platform, has announced a zero-day bug bounty program called The Million Dollar iOS 9 Bug Bounty. Put simply, it's a callout to anyone who can bypass iOS 9's security. The company says that it will pay out $1 million to each individual or team who can create and submit to it an exclusive, browser-based, and untethered jailbreak for the latest iOS 9 operating system.
On the official page for the bounty program, Zerodium has stated, “Apple iOS, like all operating systems, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple's iOS is currently the most secure mobile OS. But don't be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here's where the Million Dollar iOS 9 Bug Bounty comes into play.”
Zerodium is willing to pay out a total of $3 million in rewards for iOS exploits and jailbreaks. The program is aimed at experienced security researchers, reverse engineers, and jailbreak developers. It is open until October 31, 2015 at 6:00 pm EDT, or until the maximum payout of $3 million has been reached.
Zerodium has also posted a number of conditions for any submission to be eligible. Submissions must include a full chain of unknown, unpublished, and unreported vulnerabilities/exploits (zero-days) that are combined to bypass all iOS 9 exploit mitigations.
Another requirement is that the submission must lead to and allow remote, privileged, and persistent installation of an arbitrary app on a device with iOS 9. The attack could be through a web page that targets the default configuration of mobile Safari or Chrome, or through a web page that targets any app that’s reachable through the browser. It could also occur through a text or multimedia file delivered through SMS or MMS.
The company also says that the entire process should be achievable remotely and silently without any interaction from the user except visiting a web page or reading an SMS/MMS. Partial or incomplete exploits/jailbreaks will not be eligible for the bounty. However, Zerodium may make a distinct offer to acquire the partial exploit.