If you're a hacker or security researcher who's good at finding bugs and exploits for the iPhone, there's probably never been a better time to turn your work into a whole lot of money.
On Thursday, a company that offers bounties for all kinds of unknown exploits in computer systems, known as "zero-days," increased the payout for anyone who can find a way to jailbreak the iPhone from afar to a whopping $1.5 million. The company, which is called Zerodium, became famous last year when it offered $1 million challenging researchers and bug hunters to find a way to hack the iPhone remotely.
"We want to attract more suppliers as we can afford to buy multiple iOS exploit chains," Chaouki Bekrar, the founder of Zerodium and a well-known zero-day merchant, told Motherboard in an online chat. "We are backed by big buyers and customers, our zero-day acquisition budget is a kind of unlimited."
Zerodium's increased payout comes just a few weeks after Apple announced a long-awaited bug bounty program, promising rewards of up to $250,000 to security researchers who find and report bugs to the company. (Apple declined to comment for this article.)
"Now that Apple has a well-paying bug bounty, companies like Zerodium will have to pay more to convince researchers to sell their bugs rather than responsibly disclosing them to Apple," iOS security researcher and jailbreaker C0deH4cker told Motherboard in a chat.
The iPhone is widely regarded as the most secure mobile phone in the world, so it's only natural that companies or government agencies are willing to pay big bucks to get around its air-tight security measures.
Despite its higher payouts, some researchers might not want to send their bugs and exploits to Zerodium for moral reasons.
"I would rather responsibly disclose iOS vulnerabilities I find to Apple than sell them," C0deH4cker said. "If I were to sell a "remote jailbreak" (which is just a euphemism for "complete remote takeover") to a company like Zerodium, the security vulnerabilities will not get fixed. Also, I would have no idea what my exploits would be used for or who the final buyer would be, such as a domestic or foreign government agency. That's where the balance of morals and money comes in."
Other than Zerodium and Apple, another firm, Exodus Intelligence, has attracted attention by offering $500,000 for iPhone exploits the week after Apple launched its bug bounty program. But $1.5 might be above market rate.
"Jailbreaks are just too valuable to give away for free because they have been known to go for more than $500,000," Ryan Duff, a security researcher and former member of US Cyber Command, told Motherboard last week.
Moreover, these kind of exploits aren't that easy to come by. Yes, the iPhone 7 has already been jailbroken by a 19-year-old working by himself, but it takes time, money, and a talent to find exploits that would qualify for Zerodium's bug bounty. Also, in the case of the young hacker, his jailbreak was local, and not remote.
"Figure it takes at least 25% of the total payout amount as upfront investment to find a vulnerability and write an exploit," Dan Guido, the founder of security firm Trail of Bits, told me. "So you have to spend $375k speculating that you will be able to write the full jailbreak. And it's real speculation. You might spend that much doing the research and come up empty handed."
Yet, for the chance of getting $1.5 million, the risk might be worth it.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.