Exploit vendor offers large bounties for messaging app 0days

By
Follow google news

Up to US$500,000 on the table.

Controversial exploit vendor Zerodium is willing to pay up to half a million US dollars (A$632,128) for working remote code execution and local privilege escalation security flaws in popular secure messaging apps.

Exploit vendor offers large bounties for messaging app 0days

The company has added Telegram, Facebook Messenger, WhatsApp, Viber, WeChat and Signal to its bounty list for zero-day vulnerabilities.

It will also pay US$500,000 for working exploits against Apple's iMessage as well as telcos' text and multimedia messaging services.

Apple iOS 11 remote jailbreaks or bypassing of the operating system's restrictions against running code with elevated privileges pay even more.

Zerodium has upped its offer to US$1.5 million for such exploits, but they have to be remote and with no user interaction such as clicking on links or opening files, else the bounty drops to US$1 million (A$1.26 milllion).

The exploit vendor also targets desktop operating systems, web browsers, and servers, as well as mobile phones from Apple, Android makers, and Blackberry.

Zerodium says it sells the exploits to governments which use them to track and capture criminals. It has denied the exploits are sold to repressive regimes. It also will not share the flaws with vendors so patches can be developed.

Add iTnews as your trusted source

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Bendigo Bank aims to have Australia's "first agentic SOC"

Bendigo Bank aims to have Australia's "first agentic SOC"

ASD to retire Essential Eight cyber security framework within next two years

ASD to retire Essential Eight cyber security framework within next two years

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

Apple is releasing updates early in response to AI cyber security concerns

Apple is releasing updates early in response to AI cyber security concerns

Log In

  |  Forgot your password?