Hackers of iPhone awarded $1 Million Bounty

Hackers of iPhone awarded $1 Million Bounty

by Malik korrich ~ mercredi 4 novembre 2015

Apple has been claiming that its iOS9 cannot be breached. However, this claim has been rendered futile by a group of unknown hackers. Acting on a bounty offer from Zerodium, these hackers could successfully jailbreak iOS9.1 and iOS9.2b devices.

The actually challenge was much tougher than simply jailbreaking the Apple devices. Zerodium is a security firm that works with several government agencies. It offered the bounty of $1 million to those who can jailbreak iOS powered devices and the findings will be kept secret for the use of only these government agencies. These will not be released to the public and the name of the hacking group is kept a secret.

Zerodium is still evaluating the jailbreaking exploit. As a part of the attack criteria, it was essential that the jailbreaking needs to be done in a remote manner using browsers such as Safari or Chrome and through messaging services. It means that it is not a single exploit and required multiple exploits or a chain of exploits to jailbreak Apple devices with iOS9.x.

After the large bounty was announced, various teams tried to work on the vulnerability but only one could succeed. Companies like Google announce their own bounties to white hack hackers who can reveal their vulnerabilities so that these companies could patch them. Apple does not follow this practice and instead claims to be highly secure. Apple is not completely incorrect either.

The jailbreaking instance of iOS9.x is the first in last one year since the exploit of iOS7 and it took the announcement of a bounty of $1 million for someone to succeed at jailbreaking iOS9.x. It shows that Apple devices are actually quite secure. Even the government agencies have complained about the inability to breach the encryption of iOS9.x devices. It seems Zerodium might have found an answer for them.