The bounty was set by a new startup called Zerodium. The company is owned by Chaouki Bekrar, who peddles zero-day, vulnerabilities.
To win the bounty the hacker had to remotely jailbreak a new iPhone or iPad running the latest version of Apple’s mobile operating system iOS and allow the attacker to install any app he or she wants with full privileges. The initial exploit, according to the terms of the challenge, had to come through Safari, Chrome, or a text or multimedia message.
Jailbreaking an iPhone is usually pretty easy, but most of these don’t work remotely.
Making the jailbreak remotely triggerable via Safari or Chrome requires at least two to three additional exploits compared to a local jailbreak.
Bekrar said that the winning team used a combination of vulnerabilities to bypass “almost all mitigations” and achieve “a remote and full browser-based (untethered) jailbreak”.
Bekrar and Zerodium, as well as its predecessor VUPEN, have a different business model. They offer higher rewards than what tech companies usually pay out, and keep the vulnerabilities secret, revealing them only to certain government customers, such as the NSA.
The Tame Apple Press is furious of course. It claims that the iPhone is impossible to hack, however this story says that there are so many bugs in the iOS the right combination can be used to totally own a phone without anyone being aware of it.
This exploit would allow the NSA and FBI to get around any security measures and get into the target’s iPhone to intercept calls, messages, and access data stored in the phone.
Security experts were not surprised that somebody claimed the prize but will be very surprised that t Zerodium would pay out.
Bekrar said that Zerodium is still testing the vulnerabilities to make sure the exploit chain”fully meets the bounty rules.”