Connect with us

The Motivator

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits
Advertisement

The Motivator

Rapper Tells Men That ‘Letting Their Females’ Sit On The Internet All Day Will Ruin Their Families

Innovations The Motivator

Advanced custom CMOS image sensor development

Softwares The Motivator

Discord CEO Jason Citron makes the case for a smaller, more private internet

The Motivator

Elon Musk’s Starlink slashes internet price by 45% in Nigeria

Enterprenuer Tech News

Glo Launches New Internet Solution Products for Homes, Businesses

Articles Laptops

How to Fix Slow Internet Connection on a MacBook

Articles

EXPERT SHARES PERSPECTIVE ON IMPLEMENTING INNOVATIVE SOLUTIONS

Enterprenuer News

Elon Musk's Neuralink shows first brain-chip patient playing chess

Tech News The Future The Motivator

OpenAI CEO wants to raise not billions, but trillions, here’s why

The Motivator

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

Exploit acquisition firm Crowdfense is offering a total of $30 million for zero-day exploits targeting Android, iOS, Chrome, and Safari.

Founded in 2017, Crowdfense describes itself as “a research hub and acquisition platform for high-quality zero-day exploits and advanced vulnerability research”.

In 2019, the company announced an exploit acquisition program for Android and iOS zero-day vulnerabilities, offering payouts of up to $3 million for full-chain, previously unreported exploits.

This year, the firm has revealed significantly higher rewards as part of the program, offering bounties of up to $9 million for zero-click full chain exploits deliverable via SMS or MMS messages.

Researchers able to deliver zero-click full chain exploits for Android may earn as much as $5 million, while those identifying similar zero-days in iOS could receive as much as $7 million for their findings, Crowdfense says.

Exploits leading to remote code execution and sandbox escape on iOS could earn researchers up to $3.5 million.

The company is willing to pay between $2 million and $3 million for Chrome exploits leading to remote code execution and local privilege escalation, and $2.5 million to $3.5 million for similar exploits targeting Safari.

Crowdfense is also offering hundreds of thousands of dollars for less impactful sandbox escape exploits targeting Chrome and Safari.

According to the company, only fully functional, top-quality zero-day exploits will be evaluated as part of the program.

“Payouts for full-chains or previously unreported, exclusive capabilities, range from USD 10,000 to USD 9 million per successful submission. Partial chains will be evaluated on a case-by-case basis and priced proportionally,” Crowdfense announced.

Crowdfense is not the only firm looking to acquire Android and iOS exploits. Last year, Russian zero-day acquisition firm Operation Zero announced it was willing to pay up to $20 million for full exploit chains targeting the iOS and Android mobile platforms, claiming “high demand on the market”.

Source : https://www.securityweek.com/company-offering-30-million-for-android-ios-browser-zero-day-exploits/

Post Views: 52
Related Topics:
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: