While Apple might be trying to attract high profile hackers to help secure iOS through its bug bounty program, Zerodium will pay 1.5 million dollars bounty for iOS 10 remote jailbreak poaching the talented jailbreaking hackers. As you may know last year, soon after Apple launched iOS 9 to public, Zerodium — a premium zero-day acquisition platform — announced a $1 million bounty program for iOS 9 jailbreak. This year around, the company has raised the stakes even higher for iOS 10 jailbreak at $1.5 million.
This time around, the company’s bounty will pay this large sum of money for a remote jailbreak exploit for iOS 10 software version. Unlike last year, when Zerodium’s bounty program was only running for a limited period of time, this year’s bounty program will be running all year long. The company was initially offering $500,000 for iOS 10 remote jailbreak exploit but raised the stakes after it noticed how Apple has further increased its security measures in iOS 10.
Zerodium’s bounty award is significantly higher than Apple which has a maximum reward of $200,000 for major vulnerabilities. Additionally, the program is invite-only, though the company can consider opening it as it grows.
Zerodium uses the exploits it gets from such programs to sell to its customers or clients which likely pay it millions of dollars for them. The people and groups who sell their exploits to bounty programs like these typically have no intention of releasing their jailbreak to the public in the first place, as they understand the great value behind them. As the result they prefer to sell the jailbreak tool.
Last year one team who made a remote browser-based iOS 9.1 and iOS 9.2 beta untethered jailbreak had won the money, so we will see who will get 1.5 million dollars bounty for iOS 10 remote jailbreak.