Nov 03, 2015 07:20 PM EST
iPhone Hackers Win $1 Million Prize For iOS 9 Jailbreak

A group of hackers have just won a million dollar bounty after successfully discovering a remote jailbreak for Apple's latest mobile operating system iOS 9.

The prize money was sponsored by Zerodium, a cybersecurity start-up that specializes in 'zero-days' - a term for undiscovered software vulnerabilities that could lead to possible breaches.

Back in September, the company issued this call-to-action for an iOS 9 zero-day.

'Apple iOS, like all operating systems, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple's iOS is currently the most secure mobile OS. But don't be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here's where the Million Dollar iOS 9 Bug Bounty comes into play.' It reads.

According to Wired, the winning group developed a 'carefully crafted website' that, when visited, opens the door for any iOS 9 powered iPhone or iPad to be hacked.

Company founder Chaouki Bekrar told Forbes Magazine that two groups had submitted entries into the competition, but only one met the criteria required by the company.

The announcement stipulated that 'The exploit/jailbreak must lead to and allow a remote, privileged, and persistent installation of an arbitrary app (e.g. Cydia) on a fully updated iOS 9 device.' 

Further guidelines state:

'The whole exploitation/jailbreak process should be achievable remotely, reliably, silently, and without requiring any user interaction except visiting a web page or reading a SMS/MMS (attack vectors such as physical access, bluetooth, NFC, or baseband are not eligible for the Million Dollar iOS 9 Bug Bounty. ZERODIUM may, at its sole discretion, make a distinct offer to acquire such attack vectors.).'

The rival team was able to discover a partial exploit, and Bekrar says the company is still deliberating whether or not the effort deserves a smaller reward.

 PREVIOUS POST
NEXT POST