Bug Bounties Reaching $500,000 For iOS Exploits

Use Netsparker


It seems this year bug bounties are getting really serious, especially on the secondary market involving exploit trading firms, not direct to the software producer or owner.

Bug Bounties Reaching $500,000 For iOS Exploits

$500,000 isn’t chump change and would be a good year for a small security team, especially living somewhere with a weaker currency. Even for a solo security researcher in the US or Europe that’s a serious wad of cash.

Chrome isn’t too far behind either with $150,000 payouts available.

Last week Apple made its belated entrance into the bug bounty market, announcing a top award of $200,000 for major flaws in iOS, but Cook & Co have been comprehensively outbid.

On Tuesday, exploit trading firm Exodus Intelligence said it is willing to pay $500,000 for a major flaw in iOS 9.3 and above – and the exploit to use it. Researchers can either take a lump sum or accept a smaller sum and quarterly payments until the exploit is found, which the company’s founder told The Reg could add up to even more.

“The majority of our clients are defensive vendors, penetration testers, and red/blue teams,” said Logan Brown, president of Exodus.

Apple exploits get the highest reward, reflective of their scarcity. Microsoft and Google’s bug bounty programs will also need to up their rewards to match Exodus’s prices.

A zero day in Google Chrome would earn a maximum of $150,000, 50 per cent more than the Chocolate Factory’s highest cash payout.


It looks like Apple devices are still the hot thing to go after with a serious lack of exploits available for new iOS versions. Even Apple themselves are offering $200,000

To get the maximum payout from Apple you’ll need to provide a flaw in the secure boot firmware that so irritated the FBI, while a crack that can extract confidential data protected by a phone or tablet’s secure enclave processor (SEP) will yield a prize of up to $100,000.

Meanwhile, finding a serious flaw in Redmond’s Edge browser is worth $125,000 to Exodus, dwarfing the $500 and $1,500 currently offered by Microsoft. There’s also $75,000 up for grabs if you can subvert the local privileges in Windows 10 and show how it’s done.

Exodus has said it’s happy to pay these bounties in check, wire transfer, Western Union, or Bitcoin.

Nevertheless, this is exactly the type of bidding war that major software companies didn’t want to see when they started doing bug bounties. Initially prices for vulnerabilities were set low, but are rising to meet market rates. Now security researchers are able to make a decent living practicing their craft.

As you can see, Exodus is offering multitudes more than the vendors themselves with a flaw in Edge going for $125,000 with Microsoft only offering a measly $1500.

It’s not what the software vendors wanted, but it’s what the public needs to expose serious flaws – they need to cough up and catch market rates though. If not the exploits may end up with governments that probably shouldn’t have them.

Source: The Register

Posted in: Apple, Exploits/Vulnerabilities

, ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


Comments are closed.