iOS 9 Hacking Bounty Has Been Set at $1 Million



An exploit trader that goes by the name of Zerodium, has today announced a $1 million bounty for any new flaws in iOS 9, that would allow an attacker to compromise a non-jailbroken iPhone or iPad device through a web page, in-app browsing action or a text message. Zerodium has announced that it will pay that hefty sum to anyone who gives the company a hacking technique that can take over an iOS device remotely.

“Due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple’s iOS is currently the most secure mobile OS. But don’t be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here’s where the Million Dollar iOS 9 Bug Bounty comes into play”.

Zerodium notes that the million dollar iOS 9 bug bounty is tailored for experienced security researchers, reverse engineers and jailbreak developers, and that they have offered to pay out a total of three million U.S. dollars ($3,000,000) in rewards for iOS exploits or jailbreaks.

“ZERODIUM will pay out one million U.S. dollars ($1,000,000.00) to each individual or team who creates and submits to ZERODIUM an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.”

The program, which is open until October 31st, 2015 at 6:00 p.m., clearly reflects just how difficult it has become to penetrate Apple’s increasing layers of iOS security.


  • ????Dennis

    If I was a hacker able to crack it, I would go to Apple first. I’m sure they would pay more than a mill. It’s worth the trip to San Fran

  • Aleks Oniszczak

    I think you overestimate how much Apple values their customers’ security.

  • Patrick Ducharme

    Apple won’t pay that much for an exploit. I think they only give “credit” in KB articles when there is a new iOS that credits the security team that gave them the exploit…

    If I was able to do it, I’d do it for the Mill!

  • Z S

    Apple doesn’t have a bug bounty, so they wouldn’t pay you anything. Better to go to Zerodium, collect your million, then head over to Apple and let them know.

  • ????Dennis

    I think you underestimate it. Seeing as it’s the most secure phone… Samsung and Google are the ones that don’t care.

  • Aleks Oniszczak

    You are presenting what is called “the straw man argument”. Nowhere did I say Apple doesn’t care, but you are pretending that I did. Then you try to knock down the argument that I didn’t even make. Of course they care about privacy, but not THAT much. Read my comment, I just said that of their billions of dollars in the bank, they are not willing to pay a million dollars in the interest of their customers privacy.