Are you considering a career change? The price of zero-day hacking tools continues to rise. In the new price list announced this week: Tech CrunchThe startup Crowdfense said it would pay $5 million to $7 million for a zero-day to break into the iPhone.
How much is an iPhone exploit worth?
as described Tech CrunchThese attacks are called “zero days” because they “rely on unpatched vulnerabilities in software that the software manufacturer is unaware of.”
Companies like Crowdfense and one of its competitors, Zerodium, claim to acquire these zero-days for the purpose of reselling them to other organizations, usually government agencies or government contractors, who claim they need the hacking tools to track or monitor criminals.
Crowdfense said it would pay between $5 million and $7 million for an iPhone zero-day and up to $5 million for an Android zero-day, according to its new price list.
- Google Chrome Zero Day: Up to $3 Million
- Safari Zero Day: Up to $3.5 million
- iMessage zero-day: $3-5 million
- WhatsApp Zero Day: $3-5 million
These figures are all increases compared to Crowdfense's last price announced in 2019. In the report, the company offered $3 million for Android and iPhone zero-days. Tech Crunch It says this is a byproduct of companies including Apple and Google improving the security of their platforms and patching vulnerabilities as they arise more quickly.
Crowdfense's payout is now the “highest publicly known price” outside of Russia. Tech Crunch says:
Crowdfense currently offers the highest prices publicly outside of Russia. A company called Operation Zero announced last year that it would pay up to $20 million for tools to hack iPhone and Android devices. However, prices in Russia may be inflated due to the war in Ukraine and subsequent sanctions, which could discourage or completely prevent people from doing business with Russian companies.
Apple offers its own Apple Security Research Bounty Program, where security researchers can earn up to $2 million.
The full report is Tech Crunch It provides an interesting look into the wider world of zero-day exploit payouts and bounty programs.
follow opportunity: thread, TwitterInstagram, Mastodon.
FTC: We use automated affiliate links to generate income. more.